Over the past few weeks, I've heard several people discuss the impact that Y2K remediation efforts had on business continuity planning during the past two years. Some say it helped by getting companies to install appropriate backup systems. Others say that the minimal problems that occurred on Jan. 1, 2000, desensitized companies to the need for having to prepare for other potential disasters. Of course, now the unthinkable is thinkable and business continuity is top of mind--regardless of what anyone thought of Y2K efforts.
I was surprised, though, when I heard a senior VP of IT at a financial firm whose offices were destroyed in the World Trade Center attack warn other business-technology managers to be careful not to assume that the business environment will stay "pro planning"--and that lessons learned can be quickly forgotten. His point: After bombs went off in the World Trade Center in 1993, there was a spike in disaster-recovery planning and execution; but by 1995, he had to fight for dollars to keep such efforts moving forward.
It's hard to imagine today that IT managers will have to fight for business-continuity planning dollars two years from now. There's too much at stake--internal operations, customer service, and collaboration with partners. Surely, such planning and updating will become a constant in our changed world.
Part of that planning includes protection against cyberthreats. I was intrigued by a recent suggestion by Sen. Robert Bennett that the Securities and Exchange Commission start requiring companies to report on how prepared they are for cyberthreats. Doing so would allow customers and partners to decide whether the efforts of companies are good enough to do business with them. What do you think about potential SEC involvement? I'm not sure exactly what would be reported or how an appropriate level of protection would be measured, but I like the idea of knowing that the people I do business with are taking cyberthreats seriously. Of course, protecting against such threats means more than just bolstering internal security. In this week's issue, senior editor Alorie Gilbert reports on the vulnerabilities in the supply chain and the new rules of collaboration by which companies will have to play ("Security Beyond Your Borders"). Also, senior managing editor Karyl Scott peers into the future of security ("Zeroing In"); see how business, academic, and government researchers are applying the latest advances in physics, applied mathematics, and computer science to help secure the nation's IT infrastructure as new threats emerge.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.