If you are a chief information security officer (CISO) in a midsized or large organization, you might be familiar with this problem: The marketing department just launched a campaign and is collecting customer information on an unverified partner system. In addition, another business unit is launching a digital sales channel and has established its own…

It seems every major hack is accompanied by the pointing of fingers. And there are plenty of places to point them: the servers that weren’t patched, the retailer who hadn’t finished setting up an intrusion detection system, the high-ranking official who used his personal email to store secrets, the critical application with unfixed security holes…

Organizations cannot rely on commercial off-the-shelf (COTS) software to fulfil all their IT requirements: almost all companies develop their own custom apps. The majority of these apps, whether internal or internet-facing, currently run on datacenters owned or operated locally. By the end of 2017 this will change — the majority of enterprise custom apps will…