Disbanding your security team may not be an entirely dumb idea, because plenty of other people in your organisation already overlap with their responsibilities, or could usefully do their jobs. That’s an idea advanced by analyst firm Gartner’s vice president and research fellow Tom Scholtz, who has raised it as a deliberately provocative gesture to get people thinking about how to best secure their organisations. Scholtz’s hypothesis is that when organisations perceive more risk, they create a dedicated team to address it . That team, he said, grows as the scope of risk grows . With business quickly expanding their online activities, that means lots more risk and lots more people in the central team .
Which might do the job but also reminded Scholtz that big teams are seldom noted for efficiency. He also says plenty of businesses see centralised security as roadblocks . I met one chief security officer who said his team is known as the ‘business prevention department’, Scholtz told Gartner’s Security and Risk Management Summit in Sydney today. He therefore looked at how security teams might become less obstructive and hit on the idea of pushing responsibility for security into other teams . One area where this could work, he said, is endpoint security, a field in which many organisations have dedicated and skilled teams to tend desktops and/or servers .
Data security is another area ripe for potential devolution, as Scholtz said security teams often have responsibility to determine the value of data and how it can be used, as do the teams that use that data . Yet both teams exist in their own silo and duplicate elements of each other’s work . Giving the job to one team could therefore be useful. He also pointed out that security teams’ natural proclivities mean they are often not the best educators inside a business, yet other teams are dedicated to the task and therefore excellent candidates for the job of explaining how to control risk. Scholtz’s research led him to believe that organisations will still need central security teams, but that devolution is unlikely to hurt if done well .
Indeed, he said he’s met CIOs who are already making the idea happen, by always looking for other organisations to take responsibility for tasks they don’t think belong in a central technology office. Making the move will also require a culture that sees people willing to learn, fast, and take on new responsibilities . Organisations considering such devolution will also need strong cross-team co-ordination structures, plus the ability to understand how to integrate security requirements into an overall security solution design.
Even those organisations who ultimately see such devolution as too risky, Scholtz said, can still take something away from the theory, by using it to ensure that business unit or team leaders feel accountable for securing their own tools .
Devolving security can also help organisations identify which security functions have been commoditised and are therefore suitable for outsourcing.
Spanish officials are to boost security at crowded areas and sites popular with tourists following two attacks in the country. The attacks, both claimed by the Islamic State group, left 13 people dead in Barcelona and one woman dead in Cambrils. There are 53 people still in hospital, 13 of them in a critical condition, while another 78 people have been released after treatment.
Image: Thirteen people were killed in the Barcelona attack and dozens injured
Spain’s interior minister Juan Ignacio Zoido confirmed increased security for events that draw large crowds as well as at popular tourist sites. Spanish media also said that security at the border with France was being strengthened, while French police carried out extra border checks on people arriving from Spain. There will be extra security at Barcelona’s Camp Nou stadium today, with nearly 100,000 people expected for the team’s first game of the season against Real Betis. The game will include a minute of silence for the victims and Barcelona’s football team will wear black armbands and special shirts, bearing the Catalan words for “We are all Barcelona”.
:: Imam’s home raided as police hunt terror mastermind1 Catalan regional police are mounting road blocks in the northeast of Spain as officers search for at least one man suspected to have been involved in the Barcelona attack, who is still on the run.
Younes Abouyaaqoub, 22, is a Moroccan national who was living in the Spanish town of Ripoll, where his flat is one of nine addresses raided by police on Saturday. He is not believed to be among those held or shot dead by police in the coastal resort of Cambrils, where the second attack took place. Earlier, Spain’s King Felipe and Queen Letizia visited the site of the attack at Las Ramblas, placing a wreath and two candles on the ground. They were accompanied by Catalan regional president Carles Puigdemont and Barcelona Mayor Ada Colau.
Image: The royals visited victims of the Barcelona attack in hospital
Earlier, the royal couple visited a hospital where many victims from Thursday’s attack were being treated, also speaking with medical staff. Catalan emergency services have said that seven of the 14 victims have been identified from both attacks, including four Spaniards, two Portuguese and an Italian, while family members or government officials have said a US man, a second Italian and a woman from Belgium were also killed. Spanish authorities have also said that the terror cell behind deadly twin attacks has been “dismantled”3. In a news conference, interior minister Mr Zoido said the cell comprised 12 young men, many of them Moroccan, and some teenagers.
“The cell has been completely dismantled,” he told reporters.
- ^ Imam’s home raided as police hunt terror mastermind (news.sky.com)
- ^ The victims of Spain’s terrorist attacks (news.sky.com)
- ^ terror cell behind deadly twin attacks has been “dismantled” (news.sky.com)
For a seaside resort where nothing is officially happening, the town of Beidaihe in northern China has a lot of security. There is an armed police checkpoint on the outskirts. We’re stopped again for another passport check further on. Uniformed officers are stationed at regular intervals along the roads, their plainclothes colleagues, identifiable by plastic earpieces, standing nearby. By the beach, among tourists carrying rubber rings, we saw armed paramilitary police.
Image: Communist Party villas near public beaches
No one will confirm it, but they are here to protect China’s Communist Party leadership, thought to be holding its annual secretive summit at the resort. Mao Zedong started the tradition in the 1950s, with the party elite decamping to the coast to escape the stifling Beijing summer heat, to decide the country’s future in private. For all the appearance of modernisation in China, in 2017, this is still how power is exercised in the “People’s Republic” – behind high walls and carefully guarded gates. There is no mention of the meeting in state media. The only indication it has started is the sudden absence of senior officials from evening news bulletins, and the simultaneous appearance of heavy security on the streets of Beidaihe. On one side of a long fence is the crowded public beach – on the other, the manicured, private sands of the Communist Party villas.
Image: Black cars sweep through at speed
At intervals, black cars sweep through at speed, as ordinary traffic is halted to let them pass. But then we were ordered to stop filming . When I asked why, I was told: “Because we are police.” More plainclothes security agents followed us along the street, before stopping and questioning us about what we were doing there, and taking our names and passport details.
Image: Sky’s Katie Stallard was stopped by officers
This is a crucial year for General Secretary Xi Jinping, who appears to be consolidating his personal control ahead of an important party congress this autumn, which will determine the country’s leadership for the next five years. He may also signal whether he plans to step down in line with the recent convention of serving two terms, which would end in 2022, or intends to stay in power. At a military parade1 to mark the 90th anniversary of the founding of the People’s Liberation Army recently, President Xi appeared, unusually, as the only civilian on the podium, and reviewed the troops in combat fatigues.
Image: China’s President Xi Jinping
“Xi was wearing his commander-in-chief hat both literally and figuratively,” Andrew Polk, co-founder of Trivium China explained. “This is a very clear signal that Xi is in charge of the army, which is part and parcel of being a powerful leader.
“The message is: I’m in charge of domestic politics, I’m in charge of the military apparatus, the nation is strong, and I am the leader of that strong nation.” Back in Beidaihe, we found more clues to who was in town on a roundabout, where red characters spelled out: “The Party is in my heart, welcome the 19th Congress.” There were more warm words for the Party’s leadership on the beach.
Image: One of the packed public beaches in Beidaihe
“I think it’s quite normal that the government take some measures and they have the right to do this their own way . They do that for our country’s safety and people’s happiness,” one man assured us. Soaking up the sun nearby, another man told us: “China has thousands of years of history . It needs time to develop, but I think China is getting better and better.”
If Xi Jinping could have heard him on his side of the fence, he would have approved.