The management of information security
More that just the job of IT departments as the importance of data varies
Attacks on corporate information systems by hackers, viruses, worms, and the occasional disgruntled employee are increasing dramatically _ and costing companies a fortune. Last year, US businesses reported 53,000 system break-ins _ a 150% increase over 2000. Indeed, the true number of security breaches is likely to have been much higher because concerns about negative publicity mean that almost two-thirds of all incidents actually go unreported.
Although information security has traditionally been the responsibility of IT departments, some companies have made it a business issue as well as a technological one. This year we studied security best practices at Fortune 500 companies, particularly 30 that had recently appointed a senior business executive to oversee information security. (According to an April 2001 estimate by Gartner, half of the Global 2000 are likely to create similar positions by 2004.) A handful of these Fortune 500 companies are now adding strategic, operational, and organisational safeguards to the technological measures they currently employ to protect corporate information. Full Story