By Tanu Sood on May 08, 2013
Earlier this morning, the feature on Biggest IT Security Failures on CFO Insight caught my eye. The article captures some of the more well known recent IT security incidents and discusses how these news stories may just be the tip of the iceberg. Bigger stories around cyber-espionage (check out the blog post from Oracle’s Ricardo Diaz on this subject) go unnoticed or unreported.
Looking at the companies mentioned, it is obvious that IT Security is not really about budgets. Or rather, it is not ONLY about budgets. If throwing money at the problem will have gotten rid of the problem that is "security breaches", big brands wouldn’t have made the headlines with these news stories. A smarter, Security inside out approach is called for. Secure the data where it resides, build in security within the layers from infrastructure, database, middleware to applications, and manage access to these systems. Adopt a platform approach to security so that your resources, all the way from infrastructure up to the applications, can leverage security processes and solutions in a standardized, repeatable and consistent way. This will also allow you to extend your security framework as your infrastructure grows or as you look to support applications in the cloud or mobile access. Build a sound security platform and then leverage it across it all and through time to maximize your existing investment. A standard security platform also eases your compliance burden since you will not be dealing with silo’ed information.
Take a look at Oracle’s platform approach to Identity Management and tell us what you think.