Business Times

Managing Information Technology and security in a Cha (lle)nging world

By Wipul Jayawickrama

We are living in an increasingly evolving world. One of the aspects of this evolution is the permeation of technology into every aspect of our life. The technologies around us change continuously, with it changing the way we live, work and entertain ourslves.

Due to the advances in technology, the world has become an interconnected place; connecting people, cultures, communities and organisations. These connections are not just technological, but multidimensional. The demographics of technology users have changed, as has the purposes of using technology.

We create wired and wireless connections using static and mobile devices to initiate and maintain human and virtual connections across geographic, socio-cultural and generational boundaries. These connections allow us to communicate, share information, play, work respond to political situ`tions and be creative.

Unlike many other facets of human life, it is almost impossible to capture the current state when it comes to technology. This is because the current state of technology is transient. In such a transient state, proactive technology management in reality becomes a series of reactive responses to technology driven business practices. An analysis of how we manage technology shows us that we have not changed our approach to technology management.

We still seem to be evaluating and responding to problems based on yesterday’s experiences. The convergence of the professional and personal spaces has resulted in the development of many new technologies such as high reliance on the information and communications technologies. With the rapidly changing technology and its use, we are posed with the challenge of managing and securing the systems and information connected by the technology. The changing landscape of the information and communication technology space means that the traditional ways that we looked at managing information security are no longer valid. It poses a challenge of rethinking the way we plan our information security strategy.

A key development that seems to have gone unnoticed is that the shift of balance in technological knowledge. Previously, the technology department of an organisation was the masters of technology, and thus commandeered a position of power within the organisation, driving the business in the selection of technology and its use.

The end users had to rely on the technology department personnel to provide the technology and the know how to use it. Today’s end user base is much more technology literate, and are more knowledgeable than technology department personnel not only in the technologies, but also in the use of these technologies in the business context. We now have businesses asking for technological features to enhance their business activity. Some users have invested in their own technology and want to use personally acquired technology within the business context.

Suddenly, the technology department is no longer driving the technology advancement of an organisation. Rapid changes to the technology landscape means also that they cannot keep their knowledge constantly updated. While they still may have more knowledge in configuring the traditional computer and networking technology, the rest of the organisation now has more knowledge about using technology in real life.

These advancements introduce new threats and risks to the technology landscape of an organisation. More people with access to technology that can be used in a multitude of ways mean that there are many more threat vectors that can impact on the organisation.

While traditional controls to managing technology threats and risks such as policies and procedures, authentication and access control, event logging and auditing and implementing management systems and compliance frameworks still have their use, we need to look at new ways to identify and manage technology related risks to an organisation.

Unfortunately, we seem not to have stopped to evaluate our approach to technology and related risk management. Collectively, we know very little about our current threat environment. This is evident from the fact that our technology management and information security programmes are no different from those that were in place in the past.

We are still talking about hackers, malware, technology failures and such as our threat sources. While, we do seem to understand that there are new types of threat vectors, we seem to interpret and address them through new types of old defences such as new types of old defences more and more compliance requirements, technological controls and awareness campaigns.

While these controls may provide a degree of assurance that are technological systems and processes are resilient to some extent, we need to develop new paradigms for managing technology and information security taking into account the differences between the organization and the individuals that make up the organisations. Some of the differences that need to be considered are –

  • Organisational culture vs individual culture
  • Organisational risk tolerance level vs end user’s risk tolerance level
  • Organisational knowledge vs end user’s knowledge
  • Organisational access to technology vs Individuals access to technology

Factors such as changing dynamics of technology and its usage also need to be evaluated when developing new paradigms for technology management.

Only when we gain an understanding of the actual technology landscape can we begin to formulate and implement a technology and information security management programme to address the continuous changes and challenges posed by the rapid advancement of technology and the technology related behavioural changes demonstrated by individuals.

Top to the page  |  E-mail  |  views[1]
SocialTwist Tell-a-Friend
Other Business Times Articles
Colombo stocks gone wild
Chinese team visiting in July for Colombo South Harbour construction
Standard Chartered Bank hedging losses carried overseas
Hydraulic experts endorse feasibility of Galle Face commercial city
Encouraging hobbies among Sri Lankans
Census confirmed for 2011
Mixed reaction to the budget
Comment - Missiles over Sri Lanka
Feature - Managing Information Technology and security in a Cha (lle)nging world
Feature - National University System in jeopardy: State indifference towards academics
Link Samahan wins approval from Canadian market In 15th year of business
Anti piracy unit set up in CID
Entries for SLIM Brand Excellence 2010 open July 8
Government’s 2010 budget targets cannot be trusted: Econo
CMA for Sustainable Business amidst climate change
IMF disburses US$407.8 million, extends SBA for another year
Indo – Lanka FTA not up to expectations since a decade
Commercial Bank named Lanka’s best once again
Heritance Kandalama wins Best Five Star Resort for third year at Presidential awards
Order online at
Chamber’s CSR awards in November
Financial literacy is about knowing the basics
No action on hedging deals by AG, says Ameresekere
Defects of transitional shelter in post-war resettlement
Unilever helping with rehabilitation in the North
Golden Key depositors demand that authorities expedite repayment
Arpico Supercentre earns top brand honours
Virtusan Madurika Welivita honoured with Academic Excellence Award
Asian Shippers’ Council secretariat moves to Ceylon Chamber
MBSL records a revenue of over Rs.1 billion
Asha Phillip Securities to open new branch, plans to expand
Gerard Victoria, Head of Aviation at Hayleys
Drinking tea could boost food security : UN agency
Working poor and job-oriented growth
SL exports to be US$ 20 billion by 2020
Sri Lanka’s rubber market enters a promising path
Rajitha Kariyawasan appointed to Hayleys Board
LOLC to expand micro finance in North-East
Develop professionally efficient workforce: new THASL president
NDB Bank appoints Chrishanthi and Indrajit as COOs


Reproduction of articles permitted when used without any alterations to contents and a link to the source page.
© Copyright 2010 | Wijeya Newspapers Ltd.Colombo. Sri Lanka. All Rights Reserved.| Site best viewed in IE ver 6.0 @ 1024 x 768 resolution