Today, organizations assume greater accountability for the data they store and process; at the same time, rapidly changing business models force them to make data access more open and allow for greater data and user mobility. The challenge for the security and risk professional is to support these changes while ensuring that data is protected in the way the business demands. Companies are responding to this by shifting their emphasis from traditional measures of bolted-on perimeter and infrastructure protection to deploying a more data-centric approach to security and new approaches to infrastructure architecture.