No conference would be complete without a discussion about security. And the CIO 100 Symposium is not an exception. The word here among CIOs is that security is no longer being ignored by CEOs and is getting the attention \u2014 and money \u2014 it deserves. As one CIO said, "Mention security to senior executives, and you can get three or four more things funded with it."\n\n\n\nWhy has security become an easier sell? CIOs say the requirements of Sarbanes-Oxley have a lot to do with greater security awareness because corporations have to show they are responsibly protecting data. Online revenues are growing for many corporations, so network downtime caused by viruses and cyberattacks are more costly. Also, credit card companies are putting pressure on retailers to follow guidelines to protect credit card numbers.\n\n\n\nA surprise, however, is that some CIOs have taken a different tack in selling security to senior execs. Instead of return on investment, these CIOs say you sell security much like you sell insurance \u2014 by showing how it lowers risk.\n\n\n\nAnd, it doesn\u2019t hurt to elevate the security position to a vice president level; that certainly creates more awareness among corporate executives.