Jiri’s Notepad

In the mind of many, there is a clear image of what security entails. And there is a reason for that - since the adoption of web-based technologies, we have not change what we do or the way we work. We have seen a number of changes, including the terrorist attacks in 2001, nastier malware, spam, Microsoft getting big way into security or the recent wave of outsourcing. Yet they have brought change to the lack of interest that the rest of the organisation mostly pays to security. Security technology has not changed either.

Yet, I do think that we are at the beginning of a change as big the one caused by enterprise adoption of internet based technologies. Today’s change will be, again, instigated by changing technical trends. Although varied in their reasons and focus, many current management and technical trends, including increased popularity of supply chain integration, customer relationship management, service oriented architectures or grid computing, have a similar effect. In essence, they all tear down the boundaries we have built between organisations, departments, applications and system resources.

During the next couple of years, these trends will re-shape the current practice of security technology and will have significant secondary effects on security budgeting and resourcing. Although security has not re-shaped yet, the trends are here and there are good reasons why this time it will be hard for organisations to ignore the need for change.

We have a choice to either lead into this future, or being dragged into it. Following is easy, we just need to go on doing the things the way we have been doing so far. But leading into future requires understanding of where we are, of the shape of things to come followed by making the steps required to change ourselves and our environment.

We still have a choice. Which one are we going to take?