 Today, four higher education IT leaders will debate Information Security's top spot placement on the 2016 EDUCAUSE Top 10 IT Issues list. So I'd like to reverse the question for you, Neil and Sharon, since you represent the position that being in the number one spot is a positive thing. Are there any negatives to being in the number one spot? Sure. One of my concerns about it being in the number one spot is that it being in the top 10 IT issues list is that institutional leadership may view security as an IT only issue when in fact it's a university-wide issue, it's an enterprise-wide issue. Issues about security awareness, data, other issues are something for the entire campus to be thinking about and we don't want people to think that IT is going to solve it because it happens to be on an IT list. I would have to agree with Sharon on that. Again, the fact that it's appearing as number one on an IT issues list really almost diminishes the universality of it across the entire enterprise. I think that if it was somewhere in the middle, it would carry more weight across the enterprise and it would allow us as security professionals to work and have better opportunity to spread the role and responsibility of security across the enterprise to all areas of the university. There are some positives obviously, but to my mind if security has been a top 10 issue for 13 of the last 16 years and it's risen the number one on the list, you really have to ask yourself what it says about our success or failure as a community to address these base security issues. However, I think it's important to also ask ourselves what's driven it to the top of the list. I think security for many practitioners is a very operational activity performed by our networks and systems people. I have the suspicion that for many CIOs and CISOs and their leadership peers, security amounts to HIPAA compliance, PCI compliance, Visma issues around research environments, and surely the number one IT issue for our community isn't do we have antivirus software on our computers or do we have next-gen firewalls at our border? So I think to really get at the question of what it means to have security at the top of the list, you really have to dive in a little bit and tease that apart. I think it's pretty clear that Sharon and Neil miss things because they tend to do that and a couple of the things I think they missed are this is a number one issues list. This isn't a number one strengths or advantages of IT list and being number one on the issues list is just not a good thing. I mean, you could say it's still getting attention, but it's not a good thing. And secondly, I'd say that people tend to focus on issues, on things that are ranked number one with the susceptibility of it's number one, I'm going to throw resources at it for a year or two and solve the problem and it's going to go away. It's pretty clear that either that hasn't been happening in security or it's happened that it hasn't gone away. And if people continue to have sort of an attitude of it's number one, we're going to spend a short amount of time on it and address this as a long term consideration for IT. We're going to continue to fail. Could I add one other thing to my esteemed colleagues comments and like him, I feel bad disagreeing with such a nice group of people, but they're just wrong. So I sort of have to, I do worry that if we're number one on the list, what we're going to end up doing is using up the communication stream we have to our leadership, they're going to get exhausted hearing about security. And Sharon said it very correctly earlier though, security is something that does cut across the whole institution. And it's important that we are in a place that they're hearing our message consistently in these different realms. And if we're at the top of the list one year, you know, there's a lot of chicken little going on, I think, and that's a risk to us. I have to respectfully disagree with our esteemed colleagues. I think they miss the nature, the root nature of issues with security overall. I mean, security is a dynamic item. And as technology changes, security changes and security issues changes. So the fact that periodically security reaches number one should be expected because unlike the rest of technology or just like the rest of technology, malware and malware actors are constantly upgrading how they're doing what they're doing. And if we take the stand that, well, you know, we'll take care of security and security is done, that's really short-sighted because security will always be evolving and security issues will always be evolving. And if we lose sight of this and we can't focus on it at any given time, say every five years, every three years, every eight years, then we're going to be at the disadvantage that we currently are at where we're falling behind in protecting our organizations and our data and our people. So I'm sorry, guys, but you're wrong. I don't think that this is a bad thing. I really don't. Of course, I have to agree with my esteemed colleague, Neil, yes. The challenge in the WNI when not if world, it has to do with breach. If we don't pay attention to this, then all those other things that leadership wants to do institutionally gets subsumed by a breach kind of activity. So we want to make sure that we're dealing with these evolving issues with security. These things continue to come up. We need to invest in this area. It is foundational. We're not going to be able to do the other things on the IT issues list, like looking at educational technology, dealing with online education, if we're not paying attention to security as a foundational kind of activity. Once that's done, again, as much as we can do in a changing context, then we can pay attention to those other things that we need to pay attention to. But security represents such a risk to the institution. We really need to be paying attention to it so that we can do the things that is our mission to do as an institution in higher education.