I used to sell quantum cryptography for the last year or so. Talking to CIOs and CISOs their problem with security was 99.9% the basics leaving them very little time for planning ahead.
When I've discussed new metropolis builds going in the Middle East, they place security and data far further up the list of priorities. A new global issue is that a country infrastructure needs, not to cope with invasion, but to protect itself from online and terrorist attack using data.
Companies are ill prepared:
a) third party vetting of risk and security is an art, and one that most companies don't have the budget for.
b) ongoing services management requires security to be way up there.
c) security needs to open up between companies, sharing intel just like the governments do. There are a number of companies doing this - quite a few banks are working together to solve this, allowing an attack to be quickly protected against by the other organisations. I've been in discussions with the UK and Spanish trade teams where they've discussed how this really made a difference.
When I've discussed new metropolis builds going in the Middle East, they place security and data far further up the list of priorities. A new global issue is that a country infrastructure needs, not to cope with invasion, but to protect itself from online and terrorist attack using data.
Companies are ill prepared:
a) third party vetting of risk and security is an art, and one that most companies don't have the budget for.
b) ongoing services management requires security to be way up there.
c) security needs to open up between companies, sharing intel just like the governments do. There are a number of companies doing this - quite a few banks are working together to solve this, allowing an attack to be quickly protected against by the other organisations. I've been in discussions with the UK and Spanish trade teams where they've discussed how this really made a difference.