Every security expert at solution providers serious about maintaining a lengthy relationship with their clients told CRN that technology alone will not adequately mitigate threats. Deploying a security appliance or software without understanding the data assets being protected may give executives peace of mind, but it's not going to prevent an attacker from gaining access to systems containing sensitive data, said J.J. Thompson, managing director and CEO of Rook Security. "The channel may not like to say it, but the key to organic growth is not by selling more appliances," said Thompson, whose business specializes in security risk assessments and managed security services.
Reducing internal threats begins with creating a culture of security, says Thompson and other security experts. It takes a sustained security awareness program. It takes a consistent message that executive leadership values data security and employees must embrace strong security practices for long-term success.
CRN has brought together five technology areas that should be coupled with security training and data identification and classification projects.