To some extent, we suffer from a legacy of thought that there were no security risks and threats to IT security implementation. The old mainframe computing model meant that only those with terminal access could change and run code, and security was governed mainly by physical access to those terminals. The significant developments in connectivity with WiFi, VPNs, and, essentially, the internet mean (and have meant for some time) that physical proximity of access is now irrelevant. It can be argued that the enthusiasm for application development and the world of the internet, e-commerce, and mobile have sometimes relegated security development to a lower priority.

During the 80s, with companies such as Novell replacing the Mainframe computing model with contributions to large-area networks, there was a need to expand the functionality of security infrastructure across organizations. Running a mainframe was expensive. Companies such as Microsoft and IBM seized the opportunity. They became severe market players in the network-connected PC space, but even then, security was not a priority, only the advancement in technology. It was not perceived as something at risk, unlike today. It was always about budgets and short-term solutions competing with issues of security. With cursory nods towards anti-virus patching, the fundamental foundations of a secure infrastructure were still being ignored.

IT today is very accessible. And that is, at once, the whole point of large parts of it whilst and the most significant threat – the world’s most considerable technological dilemma is you like.  A door isn’t enough, there is a need for a sturdy door with a robust lock that opens only when required. The landscape has fundamentally changed, requiring us to rethink the fundamentals of IT implementation. While there is no doubt that it is expensive and complex, it is imperative. Arguably, the most significant threats faced by us today are cyber risks. Giving not enough consideration to the founding infrastructure of systems in the past was the problem – something that we realize today. Everything we now know means organizations must take a step back and look again at the fundamental components of their architecture and systems.

IT changes and technological advances at the end of the ’90s and during the early ’00s meant that security breaches started happening on a large scale. More recent catastrophic cyber events called for a vast rethink and re-prioritization of security infrastructure. Organizations and individuals began to realize how cyber security infrastructure is key to the success of any business as the security maturity level of a company brings the security itself and credibility to the organization.

With the vast amounts of data available today and its increasing sensitivity, the core of dependable security lies in the architectural solid foundation of security infrastructure. Security is no longer a trade-off for convenience. As the attacks continue and become increasingly sophisticated, our approach and commitment to security infrastructure need prioritizing and tackling with the same enthusiasm as those looking to break it.

Where does your security sit? How mature is your current security? How resilient are you currently? These questions must be asked by every one of us.

The greater the immunity, the more resistance there is to the threat. And immunity comes from having a solid and fit body – a strong and fit infrastructure. Contemporary CIOs should be building a security strategy, taking the lead on restructuring security, and creating and developing a culture of cybersecurity-first within the organization.

It’s not just a commercial issue; the IT systems facilitating and supporting government operations are at greater risk. It can be a disaster if security breaches happen with government-related data. This article talks about current targeted attacks in South and Southeast Asia, proclaiming the importance of building an Information Security Infrastructure that is robust, resilient, and dependable.