During the past decade, organisations have invested millions in their security and compliance management programmes. Unfortunately, the reality is that they've spent too much but still do not have adequate security or may be still struggling with regulatory compliance issues. Since mixed IT environments are a reality in most organisations, CSOs have many issues in harmoniously integrating people and technology. Solving this challenge is quite a task! Realising the need of the hour, CTO Forum, along with Novell and TCS, organised a series of roundtable discussions in Delhi and Mumbai which witnessed Heads of Security sharing their experiences and deliberating on new and alternative approaches.

Most delegates said that high costs have been a major deterrant to implement new security measures. The entire industry has witnessed major cut backs on security budget during the downturn. On top of that, the evolution of internet and multi channel access points has increased the risks associated with Internet use. The general concern among the top Security Heads attending the event was that there were many serious security risks in an environment of heterogeneous IT infrastructure. Therefore, there is a need for a solution to integrate various IT systems and make it work as a single entity without compromising on the business needs.

Bobby Jacob, Solution Architect, Novell, pointed out that while implementing security one encounters a dilemma when taking decisions on what needs to be secured and to what extent. He said that it is important for the security solution vendors to understand the needs of each industry and address these concerns depending on their signifcance for that specifc company. TVS Murthy,Global Delivery Head, Information Risk Management Advisory Practice, TCS, discussed the solutions provided by Sentinel, the Security Incident and Event Management Solution, which takes care of the key business concerns like cost optimisation, fraud detection, compliance, risk reduction and real time monitoring. In larger organisations, implementing governance and appropriate control measures pose major challenges. It was observed by most of the delegates that employees often ended up being the weakest link in the security. And since most of the security solutions use technology, the resolution of this problem falls under the purview of IT. In such cases governance and identity access management needed to be integrated to provide a comprehensive solution. A layered approach to security was the best  option, experts from Novell and TCS felt.

Overall the discussion was very interesting and provided deep insight into the use of customised security solutions.