Expand Security’s Role and Enable Business
The battle to keep business data and systems compliant and safe from increasingly sophisticated threats is now a decades-long struggle. For much of that struggle, enterprise computer users and even some business leaders have perceived security as a necessary evil—irritating and costly policies and practices that they must endure, but which are secondary to the real mission of the business.
This attitude is beginning to change as business leaders recognize that good security practice is good business practice because of the prevalence of threats and the enormous cost of security failures. Today’s business environment is vastly different from the one in which outdated security models and perceptions evolved. For example, businesses are generating value and brand equity online using increasingly interconnected business strategies and processes. Organizations collaborate with each other, exchange sensitive data, and conduct business through many cloud-based services across many different platforms—including mobile devices, which are highly susceptible to loss or theft. Because the attack surface is greater today and the risk and costs of breaches are so high, these realities have created an environment in which security practice is—and should be perceived as—an obvious business enabler, as well as a mitigator, of risk.