A New World of IT Risks: Are CIOs Up to the Challenge?
by Irfan Saif
CIOs, along with security and compliance teams, are often responsible for managing risk across the enterprise IT environment while taking steps to be sure that the business is being served appropriately. The disruptive forces of cloud computing, social media, and mobility are all hitting CIOs at the same time, introducing a broad, new set of risks and security challenges.
You may be pressured by a strong desire from your business counterparts to rapidly adopt nascent or rapidly evolving technologies and solutions in order to compete in your marketplace. In some cases, this need for speed even leaves the IT leaders out of the discussion altogether until after the services or applications have been procured or deployed.
This rapidly evolving enterprise technology environment makes it more important than ever for CIOs to get a handle on what the real risks are within your IT ecosystem. How do these risks impact your business and your IT department's three pillars of confidentiality, integrity, and availability? What is IT going to do to manage these risks?
The problem is made more complex by the sheer volume -- and value -- of data, both structured and unstructured, that is produced by your organization's business processes and relied upon for much of your company's decision-making practices. Add in the skills and resourcefulness of cyber criminals, hackers, corporate spies, intellectual property pirates and the underground network of "service providers" who support their activities, and the complexity of the challenges you face starts to become apparent.
One thing is clear -- the compliance-based approach that so many enterprises have chosen in the past is often not a practical way to manage the real risks facing CIOs.
Consider these recent developments, which will only intensify in 2011: