Definition

Jericho Forum

What is the Jericho Forum?

The Jericho Forum is a global organization formed to help members deal the challenges of information security in an increasingly complex environment.

In 2003, a group of CISOs (Chief Information Security Officers) gathered to discuss the security issues created when organisations work in collaboration with third-party suppliers and sub-contractors and the corporate boundaries are increasingly blurred. A member of the group, Paul Simmonds, coined the term deperimeterization to describe the breakdown of network boundaries.

The Jericho Forum grew out of that gathering and came into formal existence in January 2004. The Forum seeks to protect enterprise systems and data on multiple levels, through a well-defined mix of encryption, secure protocols and data-level authentication. To that end, the organization exists to articulate member needs and motivate development of products that meet those needs.

Current members from Europe, North America and Asia Pacific include government organisations and academics as well as customer and supplier companies. Member representatives are usually CISO/CTO or other C-level employees. The Open Group oversees the Forum.

The Forum says it is "dedicated to the idea that success in today's business environment is dependent upon the ability to collaborate and do business by enabling the secure flow of data over the Internet." A current focus of the Jericho Forum is securing collaboration in a cloud computing environment.

This was last updated in April 2012
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.co.uk-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

  • Consider a compliance-driven security framework

    Midmarket companies bound to regulations such as PCI DSS, HIPAA and Sarbanes-Oxley should consider using these requirements as the basis for their security programs.

  • Q&A: Google to defend cloud computing security

    Cloud computing is changing the way we do business; the scalability, flexibility and cost savings are seductive, even irresistible. But, as with every "next big thing" in technology, security is a potential stumbling point. The distributed computing that makes the cloud model possible makes it difficult, perhaps impossible, for customers to implement and enforce the kind of controls they would normally exercise with service providers.

    Moreover, regulatory compliance can become an issue, as the very nature of cloud computing can impede on traditional controls and audit inspection. Google is one of the leaders in the young cloud computing market, and is trying to make a strong case for its security program. In this interview, Eran Feigenbaum, director of security for Google Apps, describes the security strengths and some of the limitations of cloud computing, and how Google works to ensure data security and privacy. Here are some excerpts.

    Feigenbaum will attend the 2009 RSA Conference in San Francisco, California and participate in a panel discussion titled: "Cloud computing – secure enough for primetime today?"

  • Standards and guidelines for system hardening

    When hardening a system, what specific standards or guidelines should information security pros adhere to? Security management expert Mike Rothman explains.

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com