The Undeniable Value of Context

​Maurizio Canton, European CTO, TIBCO Software

The importance of context should never—ever—be underestimated. Put up a sign across a path saying “Keep Out” and you can guarantee it will be ignored, and by a sizeable majority. Put up one saying “Keep Out, Unexploded Bomb” and although a foolhardy few will carry on regardless, most will take heed and stay away.

The same also applies to data where we’re pretty much accustomed to the idea that, by looking for patterns, we gain access to a whole new layer of added information. Indeed, that’s pretty much what business intelligence and data analytics are all about. By going one step further and adding in the context in which data is created and gathered—the who, when, why, and how—you open up a portal to a completely new dimension. Put simply, context can turn information into knowledge—and as we all know, knowledge is power.

Another example might help here, much like the “Keep Out” sign mentioned earlier, but this time applied to IT. Instead of signs, however, applications employ authentication technologies to determine who’s allowed in. Technologies that have very little context to work with typically apply the same level of security regardless of who or where users are, the type of device they happen to be using, and so on.

This approach works, but tends to be heavy handed with applications assuming the highest level of risk in the majority of circumstances, then mitigating that risk by limiting what all users are allowed to do. Factor the “who, when, why, and how” context into the equation and application security can be tailored to the actual, rather than assumed level of risk. Users connecting via a VPN, for example, can be given more rights than those using the general Internet for access; Wi-Fi users can be directed to a guest VLAN; platform-specific malware automatically screened and blocked, and so on—all of which allows applications to be made much more responsive to what users, increasingly, expect to be able to do online regardless of how they connect or interact with the applications involved.

Of course, this use of context can’t just be magically switched on, and for context to be included when collecting, analysing, and acting upon data, a whole raft of technological advances are needed. But these are being made and very rapidly, largely in the wake of our ongoing love affair with mobile devices and—more recently—the ability to establish context more easily through the intelligence available via the Internet of Things.

Added to this, the science of data analytics is moving forward to both better understand and employ context when analysing information and to take action in real time, based on that understanding. We’ve been emphasising this concept of Fast Data here at TIBCO for some time.

It’s all starting to come together, with ubiquitous embedded intelligence combined with pervasive analytics driving the development of agile and responsive applications, alert to their surroundings and able to initiate action appropriately.

Moreover, enhanced context-aware security is only one example of this growing capability. By understanding the context of the data they gather and analyse, applications are increasingly able to not only adjust their security response, but also the way in which information is delivered to the user—tailoring the experience in ways they understand and appreciate, rather than simply putting up “Keep Out” signs.

Maurizio Canton, European CTO, TIBCO Software

As EMEA CTO for TIBCO Software, Maurizio is responsible for ensuring consistency of technology vision, providing strategic sales support and support for AR, PR, marketing and M&A initiatives, as well as serve as a conduit for the Global CTO function. Maurizio has more than 25 years of experience in IT, working for several software vendors, such as TIBCO Software, IBM, Siebel, SOA Software and Red Hat.

Join the CSO newsletter!

Error: Please check your email address.

Tags identity theftrisk managementidentificationContext Information SecurityIT managementcyber security

More about IBMRed Hat

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by ​Maurizio Canton

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place