Jericho Forum Presenting Corporate Security Blueprint At InfoSecurity Conference
Sep 11, 2007 3:31 PM
Chief information security officers from some of the world's biggest companies say the tools they've been getting out of the high-tech industry aren't good enough. They say they've been having a hard time protecting their companies and keeping them open for business on the Web.
So they banded together and founded the Jericho Forum, named after the Battle of Jericho, where the Israelites blew their trumpets and made the city walls fall down. Those walls, like many corporate security perimeters, look like "Swiss cheese," Paul Simmonds, the forum's chairman told Baseline magazine.
The Jericho Forum may become better known when it presents a blueprint for a corporate security architecture, along with guidelines for designing it, at the InfoSecurity conference in New York City, running today and tomorrow (Sept. 11 and 12) at the Jacob Javits Convention Center. The blueprint describes a system that focuses on protecting data instead of protecting the network and infrastructure the data flows through. IBM, Cisco, Hewlett-Packard, Motorola and Qualys (the first vendor allowed to work with Jericho) are now developing products to meet this need, which Jericho calls "de-perimeterization."
Simmonds is also the CISO of Imperial Chemical Industries, a London-based multinational that sells starch and paints. He says he and his peers are frustrated by the demands of their businesses to put more and more holes in their firewalls -- for joint ventures, suppliers and customers -- and still keep their corporations secure.
Turning off the Web is not an option. But Simmonds told Baseline magazine that corporate security executives "rapidly came to the conclusion that if we didn't change the mindset of the high-tech industry and start talking about the issues affecting us, we would not get the products we need."
One example is federated identity, which gives people access to corporate networks based on authenticated credentials. That's impossible given the security breaches occurring daily. "There was this naïve assumption that our borders made our internal networks secure," Simmonds says. "We all know today that's false."
The Jericho Forum now has more than 100 members, many of them global international companies, including Johnson & Johnson, Proctor & Gamble, Novartis and British Petroleum. Membership is weighted toward companies headquartered in Europe, possibly because Europeans routinely work across national boundaries and confront security problems earlier, Simmonds says. Also, the European Union is stricter about protecting data and privacy. The ultimate goal of the Jericho Forum is to disband in two years. By then, members hope, it will no longer be needed.
Want to use this article? Click here for options!
© 2008 Penton Media Inc.
Today's New Product
|
Privaris Biometric Verification SoftwareIn support of the Privaris family of personal identity verification tokens for secure physical and IT access, an updated version of its plusID Manager Version 2.0 software extends the capabilities and convenience to administer and enroll biometric tokens. The software offers multi-client support, import and export functionality, more extensive reporting features and a key server for a more convenient method of securing tokens to the issuing organization. |
advertisement
This month in Access Control
- Targeting The Customer
- Electronic Pedigrees
- One Hero Among Many
- Who? What? When? Where? Why?
- More from September's issue
Latest Jobs
advertisement
