CIO - So, a guy walks up to another guy who is clapping. The first guy asks, "Why are you clapping?" The second one answers, "To keep the alligators away." Confused, the first guy says, "But there are no alligators around here." And the second says, "See? It's working!"
Such is the situation that many CIOs find themselves in when selling IT security to the executive committee. "When the CIO says, 'I'd like to spend this amount on security,' it's rarely, 'Are you sure you're spending enough?'" says Steve Rubinow, CIO of FXall, an electronic foreign exchange platform. "Instead it's, 'We haven't had any problems; maybe you're spending too much!'"
The ROI Paradox. Perhaps the clearest aspect of the IT security paradox is this: "There is no easy ROI on security." And, says Rubinow, you cannot guarantee that your systems are 100 percent secure. Plus, security threats can be subtle, with countries targeting intellectual property, not customer data.
Already an Insider? Sign in
Free Insider GuideCopyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
You are previewing premium content. 
