Johna Till Johnson's blog

By Johna Till Johnson
On Aug 17, 2015

“Welcome to Acme Corp. You’ve Been Breached”

Monday, August 17, 2015

Incoming CISOs like to joke that the first item they’re issued when they begin the new job is a T-shirt with a target on it. But it’s not really a joke: for a long time, the CISO’s job was to be fired if a company was breached.

That’s no longer the case. For one thing, the drumbeat of breaches at high-profile companies makes it clear that even the most sophisticated companies can be victims.

By Johna Till Johnson
On Aug 03, 2015

Nemertes Navigator360 Conference Charts the IT Seas for 2020 and Beyond

Monday, August 3, 2015

For the fifth consecutive year, the Nemertes Navigator360 conference was a smashing success.  The Nemertes team, together with our Platinum sponsors Dimension Data and Sprint, and senior IT executives from Ford, Mars, Inc., Northrop Grumman, Pfizer,  Prudential and other leading global firms covered a lot of ground in 2.5 days: We explored emerging trends in unified communications, cloud services, DevOps, security and risk management.

By Johna Till Johnson
On Jun 09, 2015

Cisco's Changing of the Guard

Tuesday, June 9, 2015
When Chuck Robbins succeeds John Chambers as CEO on July 26, what changes can competitors, partners, and IT professionals anticipate?
By Johna Till Johnson
On Mar 24, 2015

Managing Distributed Risk: A Strategy for Minimizing Risk from Third-party Engagement

Tuesday, March 24, 2015

If you’re like most IT professionals, you’ve noticed that your roster of third-party providers continues to grow. Whether you’re using software as a service (SaaS) applications (as virtually every organization does), offshore developers, cloud services like infrastructure as a service (IaaS) or platform as a service (PaaS), or document share solutions, you probably have a surprising amount of sensitive data in the hands of third parties. And that injects distributed risk.

By Johna Till Johnson
On Jan 07, 2015

IBM Plunges Into Pervasive Protection

Wednesday, November 5, 2014

In November, IBM took a significant leap  into the area of pervasive protection with a portfolio of new offerings focusing on enhancing cloud security.  The company announced eleven new products and service enhancements in the areas of access management, data protection, visibility and analytics, and security operations, essentially extending premise-base security to integrate with cloud services. The goal is to “pivot the portfolio towards cloud”, as the company put it.

By Johna Till Johnson
On Dec 12, 2014

Inception: Engineered for Destruction

Friday, December 12, 2014

Unless you’ve been living under a rock for the past decade, you’ve heard about advanced persistent threats (APT): threats that are engineered to unfold over time, slowly infiltrating a chosen target through a range of attack vectors and often utilizing code snippets that are harmless individually, but recombine to become toxic. And of course you’re aware of the promise of cloud, particularly the ability to make resources available more quickly and ubiquitously than ever before.

By Johna Till Johnson
On Sep 23, 2014

Where Moneyball Meets InfoSec

Tuesday, September 23, 2014

In my last post, I touched on the need for information security professionals to take a step back and reassess how they’re approaching the entire discipline of information security.

In this and upcoming posts, I’ll  talk about what that means, highlight key areas to focus on, and provide practical next steps for infosec professionals.

By Johna Till Johnson
On Sep 19, 2014

Cybersecurity: The Next Generation

Friday, September 19, 2014

Information security is different these days.

Until roughly this year, most folks—business and technology professionals alike—thought of information security as purely a technical discipline. And as with most technical disciplines, the thinking was that so long as the technical professionals do their jobs, things are good.

If your roofer is good, your roof won’t leak, right?

By Johna Till Johnson
On Aug 13, 2014

The Top Four Tasks of a 21st Century Technology Leader

Wednesday, August 13, 2014
What should technology leaders be doing in 2014, 2015, and beyond?

That was the top focus of the Nemertes Navigator360 Conference, held July 28-30 in St. Pete’s Beach, Florida.

Nemertes Research gathered with top technology leaders from global innovators including Interpublic Group, Chubb & Sons, Northrop Grumman, Ford Motor Company, Vanguard, Sprint to discuss our visions—and best practices—for technology leadership during the coming years of change.

By Johna Till Johnson
On Mar 25, 2014

Putting Wearables To Work in the Enterprise

Tuesday, March 25, 2014

As my colleague, Nemertes Research Analyst John Arkontaky, recently wrote, enterprises are beginning to tiptoe into the world of wearables. Although a vanishingly small percentage of IT organizations supported wearables in 2013, early indications are that this percentage has grown dramatically in 2014.


Subscribe to RSS - Johna Till Johnson's blog