By Michael Hall

The security of a modern organisation is similar to that of a modern city. Unlike protecting a car or house, the reality of securing an enterprise is considerably more complex—requiring police, private security, entry controls, rules and regulations, inspections, training, assessments, forensics, a SWAT team and much more. The modern organisation is built on millions of lines of code with countless software components interconnected across complex global systems and networks. Security is no longer a one-stop shop.

Getting security wrong can devastate an organisation’s reputation and financial situation. The media voice outrage every time a major breach strikes, exposing the negligence and carelessness of the company responsible: “How could they possibly be so incompetent?”