John F. Frank, Sr. Vice President & CIO, Brightpoint North America
I walked away from the roundtable with the following thoughts:
Everyone represented is highly aware of the possible security issues their respective companies face, and have implemented the best measures available with the resources, tools, and money that is available. Everyone recognizes that a security issue is inevitable no matter how many safeguards you put in place, and there is a point where no amount of money can guarantee a breach will not occur, so each organization has to do their best to safeguard the highest impact areas within reason.
One of the best ways to predict a secure environment is to hire the right people into your company. The most damaging and most difficult to identify security breaches are the ones that can be caused, usually inadvertently, by an employee. We need to hire and employ people that use a bit of common sense, and are willing to periodically participate in company awareness training. Data, stored and moved digitally or in small media, are the most vulnerable. This is where the aware employee is essential to the protection of the company.
All agreed that the biggest outside threat comes from rogue countries that are bombarding our systems with SPAM, viruses, and other insidious attacks that could risk a broader or global Internet crisis. This is the one risk that no single company can fight, and there is a big question mark as to whether state, federal, and international governments have this scenario planned and mitigated.