Any competent IT professional will tell you that one of their top priorities— probably the top priority—is securing their enterprise’s data and network. Indeed, CIOs typically allocate a healthy chunk of their overall IT budgets to security.
Concern, however, does not always translate into competence, or even common sense. Further, throwing money at a problem without first properly assessing and prioritizing an enterprise’s unique IT-related risks actually can create greater vulnerability. You can’t just buy technology, put it in your environment, and assume that your assets are safe.