point
Menu
Magazines
April - 2010 - issue > CEO Spotlight
Opportunities-and-Challenges-for-Information-Security-Companies
Rajesh K. Parthasarathy
Monday, March 29, 2010
comment
print
forward
Information security is no longer an IT stepchild but a mission-critical effort: a data breach has an immediate effect on a company’s bottom line, on its marketshare, its stock price, and in some cases, on its ability to survive the loss of confidence and loss of contracts. A recent study revealed that 32 percent of customers withdrew their business from a firm after it suffered a security breach. Add to lost revenues the cost of responding to a data breach (averaging several dollars per record), and a comprehensive and adaptable security platform pays for itself many times over.

Why is a comprehensive approach an advantage? Most importantly, a patchwork of software products from a variety of vendors creates security gaps that lead to breaches. And mistakes occur as users move between interfaces. On the practical side, the more products, the more work to train for, use, and manage them. And for every different security platform an organization adopts, there is a need to repeat work, whether it is creating templates for each and every program or copying the results from one program into the next program in the security lifecycle.

No CIO that I know of is looking to cobble together a solution set that will burden his or her team. Nor does he want to invest dollars in solutions built for today’s threats, but not tomorrow’s. Instead, we are recommending, and seeing a good response to, a more ‘holistic’ approach that manages the flow of sensitive data through an enterprise system.

It’s not easy, of course; multiple platforms in the customer technology stack legacy systems from obsolete vendors, and homegrown or custom databases created with varying methodologies by different developers. So security vendors with products for Oracle databases and applications will find that their customers may also have another database or a legacy system and will want to extend the same security functionality to all platforms.

CIOs are looking for solutions that can share intelligence, reuse work already done, and adapt to the constantly evolving threat and compliance landscape . . . and without a lot of additional investment of time or money. Accordingly, we believe that a flexible and comprehensive approach to creating a product suite will meet that need, giving CIOs more security for their dollar and giving security vendors an advantage in the market.

Rajesh K. Parthasarathy is the President and CEO of MENTIS Software. Founded in 2002, MENTIS provides information security solutions for
databases and applications.

Twitter
Share on LinkedIn
facebook
Reader's comments(1)
1:In David Scott%u2019s words, everyone needs to be a mini-Security Officer in the modern organization today. I think Mr. Scott is right: Most individuals and organizations enjoy Security largely as a matter of luck. Anyone else here reading I.T. WARS? I had to read parts of this book as part of my employee orientation at a new job. The book talks about a whole new culture as being necessary %u2013 an eCulture %u2013 for a true understanding of security, being that most identity/data breaches are due to simple human errors. It has great chapters on security, as well as risk, content management, project management, acceptable use, various plans and policies, and so on. Just Google IT WARS %u2013 check out a couple links down and read the interview with the author David Scott at Boston%u2019s Business Forum. (Full title is I.T. WARS: Managing the Business-Technology Weave in the New Millennium).
Posted by: Janice Taylor Gaines - 29th Mar 2010
Disclaimer
Messages posted on this Web site under the `Comments' area are solely the opinions of those who have posted them and do not necessarily reflect the opinions of Infoconnect Web Technologies India Pvt Ltd or its site www.siliconindia.com. Gossip, mud slinging and malicious attacks on individuals and organizations are strictly prohibited. Infoconnect Web Technologies India Pvt Ltd can not be held responsible for errors or omissions in content, nor for the authenticity of the user/company name or email addresses associated with posted messages. Infoconnect Web Technologies India Pvt Ltd reserves the right to edit or remove messages containing inappropriate language or any other material that could be construed as libelous, potentially libelous, or otherwise offensive or inappropriate.Infoconnect Web Technologies India Pvt Ltd do not endorse the products and services or any other offerings mentioned in these messages.

Previous Magazine Editions