You must secure the future

If IT managers can prove the value and reliability of security systems businesses will be prepared to invest in them, despite the...

If IT managers can prove the value and reliability of security systems businesses will be prepared to invest in them, despite the downturn

Never in the field of IT history has one word had so many meanings. I am talking about the main IT issue on the lips of every chief executive - security.

It does not matter that it means different things to different people. It does not matter that IT leaders think it does not matter. What matters is that everyone is talking about it, and when we offer solutions to it, the effect is magical.

Our first challenge is to find a uniform, business, catch-all reason why this is so important. To do this we need to look inside the minds of our chief executives.

I was greatly helped in this endeavour the other day when watching a tree-surgeon cutting back an overgrown conifer. There he was, perched high above the ground, relying on information being shouted to him from below, secured only by a harness attached to the very tree he was cutting down.

What an analogy - our chief executives are leading us through the most challenging of economic times, making cutbacks, and yet having to ensure future security for our organisations. Furthermore, new technology and sexy applications are no longer a priority for chief executives, they require peace of mind from IT before they will invest in its growth again.

As IT leaders, we can play a huge part in helping our companies. If security is the main issue then we must address it, and there are three messages to get across to our boardroom peers:

  • Security as a strategic business asset. IT will help with this by ensuring that "we will be ready" the moment the company decides to invest and grow. Do this by putting business first - your goals should be your company goals; your people's language must be their language; and your teams must prove that IT can be a strategic driver.

  • Security arising from a belief that technology does deliver. IT will prove that we are an investment, not a cost by achieving a return on investment on existing systems. This can be done by reviewing all of your major projects and learning from those that worked well, and those that failed; by ensuring that ownership of all of your applications lies with your company, not just IT; and by making sure that they bring a real, measurable business benefit.

  • Security in its traditional IT sense. Convince them that IT will be safe and secure to deploy. Ensure that viruses cannot enter your organisation; that your Internet access rules achieve the balance between dictated rules and trusting people; and that your e-mail legal awareness is second to none.

Traditionally, IT leaders focus on the third of these when talking about security. True, the one technology aspect that makes national news is a major virus. However, if you focus on the first two points within the overall agenda of security, you will find your chief executive attentive, you will play a bigger role in your organisation, and you will help to ensure that the tree will grow faster, stronger and higher than before.

David Taylor is president of IT directors' association Certus

Read more on Hackers and cybercrime prevention