Although cybersecurity plans sometimes clash with business goals, the role of security should be to enable the business and not necessarily lock everything down, says Andrew Woodward of Australia's Edith Cowan University.
There's a rush to cloud services, and that can offer security benefits. But it can be difficult to keep track of data and classify it in the cloud, says Neil Campbell of Telstra, a telecommunications company.
Securing the public cloud is not as challenging as it used to be, but too many organizations are still taking the wrong approach, says Microsoft's Jonathan Trull. Understanding the shared responsibility model for security is critical, he says.
Security silos persist because stakeholders within the enterprise security ecosystem are focused on their own key performance indicators, says Abdallah Zabian of DXC Technology, who suggests a more holistic approach is needed.
The EU's General Data Protection Regulation has significantly raised privacy awareness worldwide in the brief time that it's been in force, says Rob Hinson of OneTrust. Organizations are revamping both internal and external privacy programs to meet the minimum global standard, he says.