New world of network compliance and security emerges

It's often said in general Sarbanes-Oxley discussions that if a company, or executive, really wants to commit a crime, the law will not stop him. That's true of course. When it comes to network integrity, the old saw is increasingly a cause for chagrin at top companies with lots of IP assets. The brave new world we're all facing is one where internal network intrusions are by far the most costly and deleterious. And it's obvious to many that stamping out insider threats and data leaks is much more difficult than stopping viruses and rogue hackers and the like. Most firms would admit they need to do more to secure sensitive data and intellectual property. This is an appropriate area of Sarbox focus; most people still assume Sarbox requires companies to audit access to sensitive data. Whether the possibility of an internal breach eventually meets some future materiality standard is really immaterial. Audits are already leading to lots of changes. There is no shortage of software companies hawking security wares. It requires a concerted effort. You may want to renew your focus now.

For more:
- here's an article from Top Tech News