It's lonely in the middle -- but it doesn't have to be

For the middle class of companies, information protection is especially hard.

On the one hand, you now have information that is both a present corporate operational necessity and information that is what will build your future. The new and/or tiny firm may have intellectual property that is what their future is made of, but when a company is small the problem of protection is more straightforward because some one person still knows what it all is and where it all is. The Fortune 100 industry leader may have trade secrets that are likewise what their future is made of, but by virtue of their size they can buy protections sufficient to keep the protection problem and the apparatus to solve it inside the company.

For the middle size firm, keeping the protection problem inside the company is closer to intractable than it is for either the small firm or the large because the mid-range problem gets too big for one person to handle much before the mid-range firm can afford a full, in-house protection regime. This note is written for those middling firms that are not yet resource-rich enough for how information-rich they already are. Read more.

NOTE: This post originally appeared on CSO Online on January 21, 2013.

Dan Geer

Please post your comments here

Related Articles
Friday Five: 3/1 Edition

News on a new data privacy bill, the FTC's latest $5.7M fine, and hacking Instagram profiles - catch up on the week's infosec news with this roundup!

InfoSec Professionals Reveal the Top Information Security Concerns for 2018 & Beyond

30 infosec pros discuss the top information security concerns for 2018 and beyond.

Friday Five: 1/4 Edition

Brazil gets a data protection authority, hacking Face ID, and how CIOs are getting ready for 2019's challenges - catch up with the week's infosec news with this roundup!