This IDC study explores the essential elements of an effective IT security strategy. It focuses on the goals that should be pursued by policy-level executives in restricting the potentially adverse effects of cybercrime. It is essential to change from "prevent and detect" solutions to "contain and control" approaches. Containment of a security breach inside an operating environment should become a method for preventing exploitation of applications. This study describes essential protective measures and provides essential guidance for establishing secure networks and data.
"Rather than concentrate on the installation of additional software interception barriers, the future of cybersecurity depends on the imposition of comprehensive restrictions on the access privileges of all personnel, which include consultants, contractors, suppliers, and customers," says Dr. Paul Strassmann, adjunct research advisor with IDC's Research Network. "That will be difficult to accomplish because such limitations run counter to established customs and relationships."