"Managing risk with regard to information systems and security sometimes doesn't go to the highest levels and that's why the risk framework is a way to get senior leaders involved early in the process," NIST senior computer scientist Ron Ross says.
"There's a real threat out there." Cybersecurity Coordinator Howard Schmidt says. "But the threat sort of follows the way we build our defenses against it, and I think those things continue to move in parallel."
Looking ahead to the new year, Kristin Lovejoy of IBM says information security organizations face a host of global compliance issues - and the complexity of this challenge may be the biggest task of 2011.
Shuttering of smaller institutions leaves a financial void for certain segments of the population -- a golden opportunity for innovative institutions dedicated to growing their businesses and services.