The Changing Landscape of IT Security
The IT landscape is changing because of such shifts as cloud computing, a proliferation of mobile devices, internet accessibility on a variety of devices, and more sophisticated internet based applications. As the pace of change in the world of IT Security continues to move along, there is a need for a fundamental rethinking of how to approach security.
The basics still apply - threat identification, risk and cost benefit analysis, determination of levels of acceptable risk. But the scope and range of the risks has changed dramatically. For example, the global nature of modern IT systems vastly increases the number and type of risks that most systems face.
Ernst and Young has released a white paper addressing these very issues - essentially a roadmap for applying the basics in the new environment. It can be downloaded free from the E&Y site.