Serious Security
With the increasing possibility of security breaches, is IT security being taken seriously enough by today's CIOs?

In today’s corporate world, everyone is aware of the increasing possibility of security breaches. Not only is the criminal getting smarter, with the birth of the internet there are many new fraud possibilities.

We also hear about landmark internet fraud cases, identity thefts and personnel theft from inside the business. Yes, some of the corporation’s greatest threats lie within their own walls - often unconscious mistakes, but also pre-meditated crimes.

Is it fair to say that most of these crimes are committed through technology? And that if so, is it the job of the CIO and their team to combat security issues? Well the answer to both questions is yes. Not all security is technology orientated, but most solutions can come from
technology.

Yet, as we stand today, most companies use reactive methods to prevent security breaches. A good example is that to keep people outside a companies network, the company bans known methods of entry. But the criminal mind is acting proactively. The market believes there is lot more a company can do to spot bad behaviour - this is proactive prevention.

The fact is it seems that most innovation is coming from outside - from the threat itself, and not enough proactive measures are being taken by companies themselves. Why is this so, do CIO’s share the same view? Is it we do not have the funding to research all preventative methods, is it that the priority isn’t high enough?

It is true that if there are more public cases of losses and risks taken by companies, industry would react with greater force. Something needs to shift CIOs to allocating more budget and more insight into proactive methods for security prevention, otherwise another economic earthquake could arise from poor security insight.