Why has Information Security Gained Such a High Profile?
We hear about information security a great deal in the media and companies are focusing on it more strongly in their strategic plans. Why is this?
The first obvious answer lies in the large scale nature of recent attacks on organizations such as Sony, Google, Citigroup and the IMF - the sheer numbers of people and organizations put at risk because of the exposure of their data to misuse. But to find real answers to the question, it is necessary to look a little deeper. For example, one of the answers is the proliferation of disruptive technologies, like the cloud and smartphones. Another is the mobility of data across platforms. Yet another is the large scale of resources put behind the hacking activities, including allegations of State support for illegal online activity.
These are big issues, and each of them call for particular responses. So how is an organization to respond to this complex and fast moving environment? As a starting point, it seems the approach needs to be a strategic one. Nothing new here, but the strategy needs to be relevant to the challenges inherent in the new environment. Here the issue becomes more complex, especially in an era of tight budgets.
Deloitte Touche recently ran an interview of two of its Principals to discuss these issues. They place a high importance on a multi-dimensional view of the risks and prioritization as part of a strategy. Check it out.