Users have set security agenda

When the IT directors of Royal Mail, BP, ICI and other FTSE 100 companies join together to call for a new universal framework for...

When the IT directors of Royal Mail, BP, ICI and other FTSE 100 companies join together to call for a new universal framework for security, IT suppliers should sit up and pay attention.

IT directors on the sharp end of delivering business-to-business web services know that the existing security standards and architectures cannot deliver the sort of systems we need to make the most of the opportunities that lie ahead.

Although it is possible to enforce common products and standards within an organisation, the days when that was sufficient have long since past.

The future, for all organisations, in both the private and public sectors, involves breaking down barriers between organisations and opening up once closed systems to partners.

Users realise that today's piecemeal approach to IT security and the slow progress of supplier-led security standards bodies are a barrier to that future.

That is why the efforts of some of the UK's leading IT directors to lay out a strategic approach to defining standards and tools that suppliers must deliver are so important.

The challenge to suppliers will be laid down at this week's RSA Security conference in Amsterdam, but it will just be the start of the process.

Consistent pressure from powerful users is the best way to ensure that suppliers co-operate to develop the fully open security architecture we need. It is also the best way to ensure suppliers compete to put that architecture into systems that deliver real business advantage to their customers.

Short-term wins are key to project success

With IT budgets heavily under the corporate microscope, IT directors are searching for quicker results from their IT investments. In many cases, they are setting out to get business value with no new IT investment at all.

Whatever route they take, IT departments must cultivate a reputation of being good at investing in and exploiting technology. As this week's feature on page 50 shows, there are approaches IT directors can take to obtain short-term wins for the business through targeted implementation of IT.

This does not mean that we are witnessing the demise of the large IT project. It just means that increasingly these projects must be broken up into a series of smaller projects, each with a business goal and a return on investment that can be delivered within one budgetary period.

Read more on Hackers and cybercrime prevention