Recently, I had the privilege of being a guest keynote speaker at symposiums for two of the world's largest financial services companies, where I spoke about the people dynamics and success/failure trends of deadline-intensive projects -- something near and dear to all our hearts. Between the two events (one held in Chicago and the other in Boston), there were about 700 technology professionals in the audiences. It was an exciting time.

Viruses, Trojan horses, worms, time bombs, adware, spyware, keystroke tracking tools, spoofing, snooping, sniffers -- these are some of the most popular examples of malicious code and techniques that modern organizations find themselves fighting. Couple this seemingly unabated tide of new releases and new forms of harmful software with human threats like crackers, thieves, industrial espionage contractors, and your own disgruntled or ill-intentioned employees, and what do you get? You get a complex cocktail of potential security headaches. How big a headache?

Today there is a pretty impressive array of information security safeguards available.

As the 20th century has wound down and the 21st century begins, we find ourselves in the Internet decade. Whether or not it evolves into the Internet century depends on whether people can keep their confidence in the Internet and in the institutions that provide the rich experience it makes possible.

With this issue of CBR, we set out to take stock of a rapidly evolving area -- IT security. We called upon two contributors with years of experience researching and practicing security and IT risk management: Richard Baskerville, Chairman and Professor of Computer Information Systems at Georgia State University (USA); and Jeff Schiller, MIT Network Manager.

One of the seemingly eternal debates in information technology is whether to handle development and other IT tasks internally or to outsource them to a domestic or foreign vendor. Outsourcing offers a number of obvious benefits, such as saving money, reducing the cost of overnight processing by shifting work to an overseas vendor, or simply fulfilling a short-term need for additional skilled technical talent without having to hire new employees.

One of the seemingly eternal debates in information technology is whether to handle development and other IT tasks internally or to outsource them to a domestic or foreign vendor. Outsourcing offers a number of obvious benefits, such as saving money, reducing the cost of overnight processing by shifting work to an overseas vendor, or simply fulfilling a short-term need for additional skilled technical talent without having to hire new employees.

One of the seemingly eternal debates in information technology is whether to handle development and other IT tasks internally or to outsource them to a domestic or foreign vendor. Outsourcing offers a number of obvious benefits, such as saving money, reducing the cost of overnight processing by shifting work to an overseas vendor, or simply fulfilling a short-term need for additional skilled technical talent without having to hire new employees.

"I believe that we're starting to see a trend away from the serial, and often bureaucratic, methods that pervade many data groups toward an evolutionary/agile approach that reflects modern software development practices."

In recent years, application developers have pioneered techniques that enable them to work in an evolutionary (iterative and incremental) manner, and now we're going one step further with agile methods that are also highly collaborative. Unfortunately, many data professionals are still mired in the traditional, serial approaches of the late 1970s and 1980s. As a result, they're discovering that they need to play catch-up if they're to remain relevant within the new environment.