In contemporary context of global information era, the issue of cyber security is considered to be one of the key elements, which determine overall company's performance, competitive advantage, and image. From the critical point of view, the major controversy of cyber security is embedded between methods of control and monitoring, in particular its centralized or decentralized regulation. Practically, opinions of the specialists in regard to this issue vary significantly. The advocates of federal centralized regulation approach indicate that the system of acts and other regulative documents is the most adequate way to protect companies and avoid their potential losses. Simultaneously, the analysis of the latest trends in the area of cyber security and corporate policy, including conducted studies and researches as well as accepted managerial practice, prove the opposite - the only practically accepted way to manage the controversy is to leave the management, control and monitoring of cyber security on corporate sector.
Visualizing the Yin and Yang of Information Securi...
Information security
Computer SecurityAccording to the Global State of Information Security 2004 study conducted by CIO and CSO magazines and PricewaterhouseCoopers, companies' security practices improved overall in 2004, though their security resources did not significantly increase. According to more than 8,000 IT security professionals from 62 countries, the number of security incidents experienced in 2004 remained relatively flat compared with the year 2003; however, financial losses and disruption damages were less severe. Simultaneously, information security budgets also remained flat in 2003, accounting for about 11 percent of organizations' overall IT budgets (Glasgow, 27). Government regulations and potential liability continue to be the biggest factor driving security investments, indicating that in addition to IT investments in security, security spending may be occurring in departments other than IT.
The study revealed that companies created more senior-level security positions and those security positions more often report outside of IT to departments such as...