One of the main issues I find across the information security industry is that we constantly need to justify our existence. Organizations have slowly realized they need to spend on IT to enable their businesses. Information security, on the other hand, is the team that is constantly preventing the business from freely doing as they please. IT is seen as a driver of success, and security can be, too. The security team just needs to learn how to enable the business.

When Shelley published his famous poem in 1816, he was telling us that the only constant in life is change. This was not a new concept, even then. Heraclitus proposed the same concept around 500 BCE with ‘Panta rhei’ (Life is Flux or everything changes). Even though we all know and understand this ancient concept, people still have difficulty with change.

A data breach remains a common headline in the news cycle. A different company, website or social network reports a security issue almost daily. If it feels like using the internet has become a risky endeavor, the feeling is accurate. But what exactly classifies an event as a data breach? The world wide web is littered with different security gaps and vulnerabilities. But that doesn’t mean they have been exposed or attacked yet.

It wasn’t a very long time ago when cloud computing was a niche field that only the most advanced organizations were dabbling with. Now the cloud is very much the mainstream, and it is rare to find a business that uses IT that doesn’t rely on it for a part of their infrastructure. But if you are going to add cloud services to your company, you will need to choose between the private cloud and the public cloud.

I have been on the receiving end of many vendor security assessments from customers and prospects. Here are some tips to increase the likelihood that you’ll get a timely, usable response to the next vendor security assessment that you send out.

Return on investment: is it worth the money? That is the central question both government and industry in deciding on any procurement. Demonstrating ROI on cybersecurity products is notoriously difficult and is one of the underlying reasons for the poor state of our nation’s cybersecurity posture.

“The best defense is a good offense.” History credits Revolutionary War hero George Washington with being among the first to vocalize this concept, later famously echoed by heavyweight boxing champ Jack Dempsey and football god Vince Lombardi. And it’s easy to see what they mean.

There are many rewards to being a world class cybersecurity solutions provider at a time when demand for effective solutions is exponentially greater than the existing supply – and getting greater by the minute. But, perhaps the greatest reward is to be asked to model best practices and product capabilities for the greater good of business and missions in a world class lab. Better yet, to collaborate with the most widely recognized standards body in the world to establish such a model.

Tripwire has been in the business of providing vulnerability management solutions with IP360 for about 20 years. With over 20,000 vulnerabilities discovered last year alone, vulnerability management continues to be an important part of most security plans. And most organizations agree.