Cos Should Incorporate IT Security Into Corporate Governance Framework

Since 2008, numerous technology trends have moved into the mainstream. Mobility, cloud computing, social media and recently BYOD (Bring Your Own Device) are the primary technology trends impacting the enterprise environment today. The explosion of these technologies has challenged the traditional security architecture, which has been unable to tackle the increasingly sophisticated attacks.

Digital attacks ranging from phishing attempts, and theft of proprietary information, to denial of service attacks, shook several Indian financial institutions last year. With the rising number of such instances due to increasing adoption of trends like mobile banking and e-commerce, enterprises have been compelled to revisit and restructure the security setup and increase adoption of highly-secured solutions.

Also with the increase in the number of Advances Persistent threats (APTs), Information security risks is becoming a major concern and hence a boardroom discussion for enterprise decision-makers today. To overcome the rising complexity of threats, security solutions are required to not only delve into security-related deficiencies to minimise gaps, but also facilitate the integration between business and technology.

According to Ekta Aggarwal, Program Manager, ICT Practice, Frost & Sullivan, South Asia, Middle East and North Africa, “The increasing sophistication of the threat landscape necessitates a shift from the threat management approach and adoption of a risk management perspective towards IT. With IT becoming synonymous with driving business processes, securing IT assets forms an important part of an enterprise’s efforts in minimising business risks. Therefore, enterprises would do well to incorporate IT security into their corporate governance framework.”