Unisys is a global IT service provider and like every other IT organization, it needs to secure its own infrastructure and users. Helping to lead Unisys' security efforts is Chief Information Security Officer Dave Frymier, who uses a mix of technology and processes in his job.
In a video interview with eWEEK, Frymier discusses the role of CISO, security metrics, two-factor authentication techniques and how he is using a Unisys technology called "Stealth" as part of his toolset to keep information secure.
"What I tend to do is much more related to governance, figuring out what to do, cost-justifying it and communicating with other executives within the company about why we're doing the things we're doing," Frymier said.
From a security metrics perspective, Frymier makes use of dashboards that show the current and desired state for security compliance efforts. For day-to-day tactical items, there is a report that is shared among the technical practitioners to complete needed tasks. Additionally, there is a monthly package of metrics that includes multiple statistics, including number of infecting machines, virus infection rates by country, vulnerability scanning statistics, time to remediate vulnerabilities and patch status.
One of the key tools used by Frymier's teams is a software product called Stealth, which is developed by Unisys. Stealth provides organizations with a way to protect their most critical data by hiding it, he said.
"So when advanced threats get inside your organization's perimeter and they start looking laterally for your high-value targets, if you have them hidden behind a wall of encryption that the bad guys don't have a key to, then you can keep them from finding the good stuff," Frymier said.
Watch the full video with Dave Frymier, CISO of Unisys, below:
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist