Your company's security needs are as unique as your fingerprints. So where do you turn for the exact answers you need? You talk to your peers, attend conferences (when travel budgets allow), surf the media in print and online, listen to vendors and pundits, test products and hold your breath a lot.
One big reason it's difficult to exhale: Adequate budgets to cover your security needs are rare. Datamonitor, a global market analysis firm, estimated recently that the total cost of online security breaches to U.S. corporations runs to $15 billion annually. Yet only 30% have implemented enough protection, and half of those businesses spend less than 5% of their total IT budgets on security.
On your mental checklist of "Security Things to Worry About," the topics must move around quite a bit. One week, it's a virus rampage affecting e-mail servers nationwide; the next, it's another revelation about the havoc vengeful employees can wreak on internal networks. If you had to name your No. 1 security concern a month from today - with absolute certainty - you probably couldn't.
That makes your information needs much more dynamic than ever before. You don't need a random smattering of interesting articles about IT security as much as you need a center of knowledge that keeps growing. That's why, in the first installment of our new monthly In Depth series on enterprise IT topics and technologies, two-thirds of this issue, starting on page 33, is devoted to an exploration of the risks and rewards of enterprise security. More important, the online parts will expand into a knowledge center worth returning to as your needs change.
For example, one of our In Depth print stories ("False Alarms," page 42) probes the managerial ups and downs of working with intrusion-detection systems (IDS). The companion online-only component supplies IDS product data plus an expert research paper about some inherent flaws in these systems. In that same fashion, each story in the package is linked to a richer set of dynamic resources online at Computerworld.com.
In future installments, we'll tackle other IT topics. Let us know what you'd like to see in these knowledge centers. We'll do our best to help you learn more and worry less.
Maryfran Johnson is editor in chief of Computerworld. You can contact her at maryfran_johnson@computerworld.com.
Security Risk and Reward
Stories in this report:
- Want to Save Some Money? Automate Password Resets
- Knowldge Quest
- Companies Need Security Pros With More Varied Skills
- Finding Answers
- The Enemy Within
- The Threat of XML
- SOAP, Other Protocols Specify Security for XML
- The Problem With Power
- Top 10 Security Mistakes
- Playing By Europe's Rules
- False Alarm?
- An Ounce of Intrusion Prevention
- Deadly Pursuit
- IDS Products and Prices
- Should You Outsource IDS?
- Who He Is
- Manager Offers Primer On Computer Forensics
- Unlocking Secure Online Commerce
- Too Late For Digital Certificates?
- Giving Users Back Their Privacy
- Feeling Safe With IT Security Deals
- Finjan's Software Bolcks Active Content Threat
- Security Statistics
- The Guardian
- Congress Considers Slew of Bills That Will Affect IT, E-Commerce
- U.S. Legislators Ponder Masses of Bills; Outlook Remains Murky
- Rule Changes May Further Protect Company Security Data
- Getting Started in Computer Forensics
- PKI Carries the Mail for U.S. Postal Service
- Security by Syntax