Data theft, blended threats, spyware, breach notification laws --- the information security and regulatory compliance challenges with which companies wrestle is the same no matter how large or small they are. Company size, on the other hand, does seem to matter when it comes to just how corporations go about addressing these problems.
Conventional industry wisdom says that quite a few large enterprises -- especially those specializing in banking and finance -- have the budgets and resources to manage the various IT security issues they face. But small companies still often wait to fix network problems only after a breach has occurred.
For all organizations, the quandaries associated with securing corporate assets are endless, ranging from network security or end-user awareness training to budget and policy. But it seems nothing has plagued companies more consistently than identity theft threats and the disclosure laws that have made these incidents headlining news.
This month's cover story aptly begins then with an update from ChoicePoint's assistant vice president of information security, who offers some insight on what the data-warehousing enterprise has done to strengthen its information security stance overall. Medium- and small-sized organizations' IT security gurus follow up by reviewing the predicaments they must manage and the steps they have taken to find some success.