the shared responsibility for availability

Research has claimed that businesses are now more concerned with “availability” than they are security. I’m not surprised by this since the availability of technology is a shared role between IT in general and the security team (as part of the CIA triad). I”d like to point over to some ongoing discussion at Farnum’s Place. Feel free to chime in!

So, when did security eclipse availability? I think availability, by its nature, always has to be first. Or maybe an integral part of the security posture (again the CIA triad) and not broken out separately. Regardless which of the above two is correct, this breakdown makes me wonder at the vailidity of this research, or at least the article presenting it.