Business executives are liable for security breaches
Most executives put the IT team in charge of IT security and then forget about it until they need to approve a capital expenditure.
This is a horrible mistake since your IT team needs your help and support in making the network secure.
If your organization ever has a breach, you may be found negligent if you are not practicing due care and due diligence in maintaining IT security. The IT security at most small to midsize businesses is, if I may speak frankly, a joke!
Many IT professionals are already facing insurmountable odds trying to keep employees productive and pleased with too few resources and too little knowledge about more modern tools that could make their jobs much easier. Understand that, when it comes to IT, “modern” can refer to a technology that was created recently. Much of the technology created 3 years ago is so “outdated” that you are losing valuable ROI by not upgrading. Note that Windows XP is an exception to this rule – stay away from Vista at your offices unless your IT professionals are ready for and requesting the move.