Editor's Note: Security Needs To Become IT Basic - InformationWeek
11:46 AM
Stephanie Stahl
Stephanie Stahl

Editor's Note: Security Needs To Become IT Basic

The bad news: More than 76,000 security incidents were reported in the first six months of this year (only six thousand less than the reported incidents in all of 2002); fewer businesses rank security as high a priority as last year; and fewer plan to increase their spending.

The good news: Many companies think they've already invested in the fundamental security infrastructure they need; security tools have become more plentiful and more effective; and companies have more information and ways to fix vulnerabilities.

The gap: The threats are getting worse each day. The attacks are becoming "blended" and take advantage of multiple software vulnerabilities to wreak havoc on a system. So why then aren't companies making security a higher priority and investing more in protecting critical data, networks, and systems?

After poring through the data from the 2003 InformationWeek Research U.S. Information Security Survey and interviewing dozens of companies, George V. Hulme, senior editor, says he's surprised at how many companies still consider it a "grudge spend"—a necessary evil with little demonstrable value day to day.

In my early years at InformationWeek, more than a decade ago, there were many companies that felt that way about IT. They got squeamish about publicizing how much they spent on IT because that was a pricey capital expense designed to get something done. Fast forward to today, however, and the value of IT is phenomenal—businesses can't innovate without it, processes can't improve without it, and productivity can't increase without it. So, I'm hopeful that there will be a time when more business–technology executives feel the same way about security.

Stay tuned. In September, we'll bring you the results of our Global Information Security Survey.

Stephanie Stahl

To discuss this column with other readers, please visit Stephanie Stahl's forum on the Listening Post.

To find out more about Stephanie Stahl, please visit her page on the Listening Post.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll