This is the era of cyber terrorism1, spamming2, identity thefts3 and regulatory compliance requirements4. Enterprises are and need to be more conscious about how they expose themselves to the outside world; how they trust outsiders as well as insiders, what they do with consumers’ data; and how they keep their business sustained, despite disasters5. While reactive enterprises just counter threats that they were victims of, proactive organizations have started leveraging the investment on security to business value additions6. The challenges to enterprises vary from simple loss of customer confidence to legal implications7. The reports on security incidents8, identity thefts3 and government initiatives in the last decade are direct evidence for how serious enterprises have to be.
On the contrary, a reverse look on the entire issue, the top-down approach is proving to be highly successful. Here, management understands the seriousness and initiates the process, which is then systematically percolated down to operations staff.