Not long ago, data security was a relatively predictable IT responsibility left in the hands of mid-level associates and administrators. Now that threats are coming in greater volume and variety, however, a number of CIOs are having to fundamentally rethink their protection of sensitive information assets.

The illusion of safety has all but evaporated within the business community in recent years. Between data breaches exposing the credit card credentials of millions of customers to distributed denial-of-service (DDoS) attacks disrupting government operations, it seems no one is entirely immune to today's security realities.

According to Business Excellence Magazine, perhaps the greatest paradigm shift has been the realization that perimeter-based data security solutions are losing their luster. As cloud computing strategies and mobile device proliferation send information to portable and ephemeral endpoints, IT teams have ceded a certain level of control.

These developments have also placed regulators and legislators on high alert. As the news source noted, the European Union has come forward with several aggressive recommendations for promoting improved data protection. U.S. officials have been weighing similar measures as well, including the consolidation of state codes into one comprehensive federal data breach notification law.

Executive data security decisions
As the frustrations of frontline administrators and concerns of industry regulators begin to filter up the corporate food chain, data security is quickly becoming a C-suite priority.

"IT security's rise from being a functional area to a board level concern is maybe the fastest I've ever seen," Booz Allen Hamilton senior vice president, Thomas Sanzone, told The Wall Street Journal.

Not surprisingly, many of these executives are approaching this issue with a cost-benefit mindset. According to the Journal, CIOs are now directly factoring the technical human resources required to secure an emerging innovation into how their organization approaches that market trend. In the case of mobility, for example, some companies are only providing limited support for bring-your-own-device programs until they are more confident they have a security infrastructure in place to protect more distributed workloads.

One investment that pays consistently strong dividends is a renewed focus on fundamentals. As Business Excellence Magazine suggested, the portability of enterprise information now means that data itself is at risk as opposed to merely the devices it is carried on. By drilling down to this granular level and guarding assets with effective data encryption software, CIOs can feel far more confident that their information assets are safe at rest and in motion.