There is no choice: Eternal vigilance
against clever hackers, greedy
cybercriminals and clueless employees
is part of the cost of doing business.
But companies can still choose how they
defend themselves. Some companies are
moving away from Microsoft products.
Others have started to treat security as a
risk management issue rather than an IT
problem: Instead of being a function that
installs firewalls and enforces rules, IT
security has become part of an overarching
strategy of minimizing strategic and
legal risks. So far, this broader approach
to security is working. Meanwhile, compliance
is coming to the end of its run
as an urgent priority, since most companies
have achieved compliance with
the Sarbanes-Oxley Act. But there is an
important carry-over effect: Companies
are still upgrading their financial systems
and processes. Most IT executives believe
there are still plenty of opportunities
for automating the finance function.
17. No abatement of IT security threats
18. Security concerns turn users away from Windows
19. Security morphs into risk management
20. Compliance achieves what government intended
21. Compliance spurs financial process improvement