Too many IT departments take the stance of “I’ll worry about it when I have to worry about it.” Problem with security issues is, by then it’s too late. Often times maintaining the status quo is as dangerous as doing nothing at all.
\nIn my experience there are two types of enterprise IT departments -those that maintain the status quo and those looking to continuously explore and improve.
\nIt is truly unfortunate how many fall into the former category. But the problem with IT security is that it’s an ever-evolving and moving target. So the decision to not dip your toe in the water and understand all available options could mean the difference between a panicked 3am call regarding a breach alert or a good night\u2019s sleep.
\nI realize this is an over generalization, and oftentimes the decision to \u201cstay the course\u201d is not in the hands of IT. There are budget concerns. There are personnel limitations. There are higher perceived priorities. There are complex layers of interdepartmental decision making. So, if it ain\u2019t broke, don\u2019t fix it\u2026right?<\/p>\n