A recent U.S. Government Accountability Office report warned that cyber-threats facing federal networks and the country's critical infrastructure are becoming increasingly sophisticated. And while the number of attacks is exponentially growing - security incidents grew by over 200 percent from fiscal year 2006 to fiscal year 2008 - the report concludes that the country is not optimally prepared to protect itself from such attacks.
Although this particular report is in reference to government networks, enterprise security is as vulnerable, if not more so. Rapid advances in communications technology have been accompanied by an equally rapid increase in security threats, the growth of cybercrime and the introduction of new security regulations.
New business models such as cloud services and Web 2.0 mashups are being rapidly adopted without mastering how to make the technology less vulnerable, according to industry experts.Although security has always been a major concern for enterprises worldwide, today's requirement for new business models, the pace of technological change and the emergence of a new, more sophisticated wave of cyber criminals, and demanding regulatory environment are making security more challenging for enterprises of all sizes.
Being a dynamic enterprise in this environment is only half of the formula for success. The other half requires an organization to become a trusted, dynamic enterprise by making security a positive enabler and a dynamic, integral, part of the enterprise rather than a static add-on.
To achieve this objective, enterprises must have a corporate-wide strategy - a security blueprint - that allows the enterprise to be open for business and provides a trusted environment.
According to Ruggero Contu, principal research analyst at Gartner, businesses should recognize that new threats or vulnerabilities may require security spending that exceeds the amounts allocated, and "should consider setting aside up to 15 percent of the IT security budget to address the potential risks and impact of such unforeseen issues."
An Alcatel Lucent whitepaper recommends a "user-centric" approach to security that is delivered from within the network to protect networks, people, processes and knowledge.
With a security blueprint, enterprises can efficiently transform themselves into a trusted dynamic enterprise by addressing enterprise security from the perspective of the network, people, processes and knowledge to drive business performance.
