Security will be key to survival

Font Size

Print

Feedback

Email

Discuss

Related Articles

Web addresses to get more leewayYahoo board to discuss Microsoft offerFoundation behind Wikipedia hires a felon as COOMicrosoft, Google, Yahoo to settle gambling claims

: In a recent study, we found that the online underground economy has matured to such a degree that the value of stolen goods and fraud related services traded is estimated at millions of dollars. From July 2007 to June 2008, Symantec researchers found that the value of total advertised goods on underground economy servers was more than $276 million. Amidst this stark reality, it is clear that the global economic crisis will open doors to more number of phishing attacks, data thefts, spam and scam attacks, and many such of its kind.

Against this backdrop, if you felt that the global economic downturn was going to affect enterprises from investing in information security, you need to think twice. Information security will be the bright spot in the financial downturn.

I say so from what I see —and I see enterprises and the people running them, getting more and more conscious and cautious towards the IT risks that their businesses may run into. There is no single driver behind this decision; in fact there are multiple compelling reasons. Today’s business environment is characterised by an unrelenting demand for real-time information from employees, partners and customers. This puts an enormous amount of pressure on businesses and IT organisations when you consider three variables: the compounding amount of information that companies have to store, secure and manage; the increasing infrastructure complexity within the organisation; and the diversity of government and industry regulations with which organisations must comply.

Given these dynamics, it is not surprising that security strategies have evolved within organisations to become more strategic, more expansive and more complex. Security is no longer just an IT function, but touches every part of the business—from CEO and board members responsible for company reputation; to HR, finance and legal that need to manage compliance; to business leaders that drive performance.

What will drive security in the tough economic times? Information—and the need to secure and manage it. The extraordinary growth of information is not going to take an abrupt halt in this economic environment. Information will continue to grow in leaps and bound and enterprises will have to ensure that information is well managed and secure from external and internal threats.

With recent security threats looming large both in the real world and the wired world, no one is willing to compromise on security and safety of their assets. With mergers, acquisitions and layoffs being common in today’s economic environment, terms such as data loss prevention have become increasingly important to ensure business continuity. Intellectual property (or information) in simple words needs to be protected at all costs. It is the key to business survival. Today, most organisations are addressing security and risk in silos, with groups implementing distinct and often disconnected processes and technologies to mitigate the risks. These risks are often interconnected, but unfortunately the processes and technologies are not.

In order to lower operational costs and make security more effective, proactive and measurable, enterprises will have to ensure that security is embedded throughout business processes from the very start. Policies have to be consistently defined and socialised before controls can be put in place. The most successful companies look at policy first, and then implement the technology to automate it. Not the other way around.

By operationalising security—standardising, automating and driving down the cost of day-to-day security activities—companies and IT can be much more proactive when it comes to protection.

Protection of your information is the key to survival. 2009 will be a year that is careful with its investments—there is too much at stake. No one is willing to take the risk anymore. Responsible organisations and managers do not want to be ‘penny wise and pound foolish’