Enterprise Mobility & the Connected Worker Blog

Q&A with Samsung Business CISO Sam Phillips

by Eric Klein | 07/05/2016

VDC has been tracking Samsung's mobility initiatives for several years now. The company has established a marquee consumer mobility brand and is continuing to make moves to further expand its enterprise and government business. Samsung has been very successful in embedding security into its platform and hiding many sophisticated functionality that safeguards their customers’ devices from data leakage (core to the company’s strategy is Samsung's proprietary Security Enhanced (SE) Android platform). But the company is going a lot further; beyond its hardware, the Samsung has been pursuing a differentiated approach to reach enterprise customers by developing a robust partner ecosystem with an emphasis on security.

We had the opportunity to catch up with Sam Phillips, Chief Information Security Officer at Samsung Business to learn about the company’s views and recent initiatives and partnerships.

VDC: Mobile devices have for all intents and purposes blown away the notion of a corporate network perimeter, threats now extend much further than devices—what questions should security professionals be asking as they modernize their infrastructure and expand application access to mobile platforms?

Phillips: With the evolving workplace in mind, more than ever, businesses need to be flexible in their approach. Security professionals within organizations need to understand the business opportunities and needs, assess the threats associated with mobile deployments then select and apply the appropriate tools to manage the risks while enabling the business to innovate and transform.

VDC: Changing work styles increase employees’ desire or need to work at any time, from any location, with data that is accessible from the company network, the Web, or the cloud. IT departments are thus dealing with a moving target and require a broad range of protective measures.

VDC: What advice would you give to companies that are trying to make their systems and networks more secure?

Phillips: The ubiquity of mobile devices today means that businesses of all sizes can make significant gains in business outcomes, but many struggle with deploying enterprise-grade security to adequately protect their critical IT systems. Businesses today want simple solutions for complex challenges. The goal is to ensure that organizations have the proper mobile security strategy, policies, tools and infrastructure for their needs and business objectives. With this model, organizations can address issues specific to mobile environments, such as discovering what's needed to protect critical applications, data and services from compromise while enabling the employees to do their work with the minimal amount of impact.  

VDC: Over the past year there has been a noticeable uptick in the media about cybersecurity incidents and data breaches, what do you think is the main reason for this increase in malicious activity?

Phillips: As the mobile user base increases, we can only expect to see an uptick in cybersecurity incidents and data breaches. It has become more of an “if” rather than “when.” Technology is advancing at a fast pace and technology intelligence is many times a step ahead already, including those with bad intents. They key is to be prepared and think ahead, which is what we are doing through partnerships like Booz Allen Hamilton.

VDC: Few IT departments have built a strong competency in mobility, and even fewer view mobility as core to their business. While mobility is starting to become a necessity for business activities, many companies are really just beginning to develop a mobile strategy. How can Samsung participate and help companies along?

Phillips: An organization can use this new method to better align its mobile strategy with its business requirements, allowing it to establish mobile technology architecture that complements its overall business and technology architecture. Businesses should establish a committee for mobility consisting of personnel from both business and IT to ensure that the alignment with its overall business strategy is maintained and optimized. Our unique methodology allows organizations to implement security architecture and policies that are aligned with their specific business needs. Few, if any, security practices take this holistic approach to an organization’s security posture with mobility.

VDC: Thank you for your insights Sam—we appreciate your contribution to our Q&A blog series!

SamSam Phillips is a senior technology executive with extensive experience in establishing and growing technology, security and risk programs in large international corporations as well as medium sized companies, including establishing and developing business requirements, creating and implementing governance and architecture models, infrastructure development and executing critical processes, products, and services with a strong focus on security, quality and availability.

View the 2017 Enterprise Mobility & Connected Devices Research Outline to learn more.