• United States



Security As An Enabler

Jun 25, 20072 mins
Business ContinuityCareersData and Information Security

Andreas Antonopoulos (Yasoo Andreas) writes below that insufficient investment in security can lead to competitive disadvantage.  This is absolutely correct but in most cases the fault (if we must assign it) falls directly on the shoulders of those planning for the new toolset/solution.  Andreas also states that we must wield the security veto with care.  Agreed, 110% when we are even allowed to have a veto, which is few and far between.  Most of the time we are limited to saber rattling. When the business and IT leaders fail to include security considerations in their revenue generating and customer service focused solutions, everyone suffers.

Security can be a very valuable enabler for the business.  If the business and marketing alike would only understand that security can and should be used in their external messaging then maybe they too would understand the value of its inclusion from moment one of the thought process and demand its presence.

The security veto should be used, and used to send the business owners and IT leaders back to include security.  This should only happen once, maybe twice if they are in fact astute.  Inclusion up front needs to be the norm.  Vetos should be highly publicized internally for maximum affect.  The brunt of the cost should impact management bonuses as security should be tied to their appraisals and MBO’s. 

When we hit people in their pocketbooks, we usually get results.  Results then gives you the rewards you seek.

“I had the opportunity to benchmark this observation during my recent security research. Fully two-thirds of the responding companies had decided against using a technology or service because of security concerns. Many were forgoing investments in collaborative tools (instant messaging, wikis and so forth). Our research shows these tools can have a direct impact on top-line performance, when used by sales, for example. Insufficient investment in security can therefore lead to competitive disadvantage. When we wield the security veto, we must consider the cost of a missed opportunity. With sensible, controlled risk comes reward.” –By  Andreas M. Antonopoulos, Network World (US)