Spare a thought for the compilers of dictionaries in the Digital Age. Technology is always moving beyond the confines of the alphabet. If you were given only 26 choices, for example, what would you list as the chief concerns of IT professionals today?

Mention storage in the same breath as Sarbanes Oxley and the immediate reaction of senior management might be to hide the checkbook. Invariably a vendor is making a pitch on how the latest, and greatest, WORM-enabled, opto-magnetic, network replicated gizmo is going to solve all of their problems.

New security threats are growing in frequency, sophistication, and danger. While perimeter-focused security can mitigate risk from known attacks, real protection comes from identifying and reacting to any new threat the instant it hits your network.

You wouldn't consider buying a laptop at your nearest consumer electronics store and bringing it into the office to work on, right? What about a RAID disk or a CD drive? - didn't think so. Yet one device that nearly everyone buys privately and keeps in their pockets these days to store both their personal data and confidential corporate data is seldom controlled or secured by the corporation: USB flash drives.

Storage networks have become critical components of corporate computing environments. Regardless of the type of storage technology, these networks have been designed as if the storage environment and all of the components are already secure because security is provided by other networked systems.

Inevitably, intruders' most attractive targets have the weakest defenses. Therefore, it shouldn't be surprising that enterprise applications and databases are increasingly coming under attack from the kind of threats once associated mostly with operating systems and desktop applications.

The security industry has a massive problem. Despite a constant flow of patches, millions spent on firewalls and IDS, and updated security procedures, we're still plagued by the insider threat - malicious hackers infiltrating networks using legitimate, but stolen, credentials. As long as there are ways for malicious hackers to find 'legitimate' ways into your network - and there are dozens of easy ways - networks will continue to be compromised.

Every organization is confronted with the question of how best to manage digital identities in order to effectively control access to and use of its IT application resources. To grasp the extent of this challenge, consider the stages of an identity's lifecycle, and the processes, practices, and tools needed within each stage.

If you are responsible for finding vulnerabilities on large or small enterprise networks, you are faced with a variety of political and technical challenges in doing your job. Fortunately, there have been a variety of new developments in the art of enterprise vulnerability detection that make use of new and old technologies.

Because of today's emphasis on stakeholder accountability and changing oversight structures, business management is more answerable than at any time in the past for assuring the accuracy and protection of, and access to, financial and other business transactional information. This is creating a partnership of responsibility between the IT domain and the organization's executive management.

Feb. 3, 2005 12:00 AM Reads: 12,686 Replies: 1
IT groups need to be able to consider adopting new backup software for many good reasons. New software might have features and benefits the company needs. The curren

Unlike older spam filters, in which the author programs the characteristics of spam, statistical filtering automatically chooses the characteristics (or 'features')

This article is an excerpt from Risk Management for Computer Security: Protecting Your Network & Information Assets. Printed with permission from Butterworth-Heinem