With each new technology innovation that hits the market, one of the first questions IT Principals will ask when considering to implement it is, what is the security risk? This is not just a case of being overly cautious. As more business data and operations are moved into a digital realm, ensuring their safety becomes even harder.
The recent "Internet Security Threat Report" from Symantec shows why IT departments are taking such an intense interest in cyber security. According to the study, last year the company blocked more than 5.5 billion malware attacks. That is an 81 percent increase from 2010. There was also a 35 percent increase in Web-based attacks and a 41 percent increase in new malware variants.
ComputerWorld spoke to several industry experts about the study and what they are doing to ensure their company data stays safe. One trend that emerged is that there is a lack of proper communication between IT departments and the rest of the company to make sure everyone is on the same page. Without employee buy-in, no security practice can be successful.
Malcolm Harkins, the vice president and chief information security officer at Intel was interviewed in the piece about his ultimate desire for IT security protocols. Harkins' goal is to get employees to go beyond compliance toward full commitment to protecting the company's information.
"Compliance is necessary, but it's not sufficient," Harkins said. "If they're committed to doing the right thing and protecting the company, and if they're provided with the right information, [then] they'll make reasonable risk decisions."
In the end, ensuring employees understand all of the company's technology security protocols lands on the shoulders of the IT department. Tech professions that have the intangible skills to spread the message and be personable with the rest of the workforce can be hard to find.