By: There is no choice: Eternal vigilance against clever hackers, greedy cybercriminals and clueless employees is part of the cost of doing business. But companies can still choose how they defend themselves. Some companies are moving away from Microsoft products. Others have started to treat security as a risk management issue rather than an IT problem: Instead of being a function that installs firewalls and enforces rules, IT security has become part of an overarching strategy of minimizing strategic and legal risks. So far, this broader approach to security is working. Meanwhile, compliance is coming to the end of its run as an urgent priority, since most companies have achieved compliance with the Sarbanes-Oxley Act. But there is an important carry-over effect: Companies are still upgrading their financial systems and processes. Most IT executives believe there are still plenty of opportunities for automating the finance function.
In this slideshow: 17. No abatement of IT security threats 18. Security concerns turn users away from Windows 19. Security morphs into risk management 20. Compliance achieves what government intended 21. Compliance spurs financial process improvement
