It’s been a long time in coming but it looks like security has finally risen to the top of the business agenda.

While some of my colleagues here at TST look at highly technical and detailed security topics, I am more likely to focus how to protect your data from a zombie attack, an outbreak of swine flu or an IED. The latest addition to my personal "Horsemen of the Apocalypse" is the cloud provider or software-as-a-service (SaaS) vendor that fails and suddenly goes dark.

Managing IT security can be a thankless job in more ways than one, especially given the size of the task at hand. To really figure out what is happening and when it's happening, IT security managers must sift through massive amounts of systems log data.

For all the concerns about cybercrime and digital espionage the threat that can do the most harm to any organization is the one that comes from inside. It doesn’t take much these days for a disgruntled employee to become motivated enough to share valuable business information with outsiders. Whether it’s for revenge or profit, most IT organizations are not really prepared to prevent that leak from happening or identify the source of that leak once it happens.

The final phase of the Massachusetts “Standards for the Protection of Personal Information of Residents of the Commonwealth” is slated to go into effect March 1, 2012, ending almost three years of controversy and business opposition to the legislation.