And make sure there's involvement at the very top, Bohlen says. As a global organization with offshore operations, Textron's security challenges include protecting its intellectual property and complying with rules that prohibit certain kinds of data from being handled at offshore locations.

Every month, Textron's chief information security and privacy executives brief Bohlen on key events and trends pertaining to enterprisewide information security and data privacy issues. Bohlen also gets feedback from individuals within each business unit who report directly to him.

Quarterly audits by an internal team and an annual audit by an external firm further augment Textron's security efforts and ensure that internal compliance goals are being met.

And there's no such thing as overcommunication when it comes to information security, says Hari Bezwada, program manager for IT systems at the Pentagon Renovation & Construction Program Office in Arlington, Va.

Bezwada, for instance, is in charge of requirements-gathering in a massive ongoing effort to combine networks belonging to the U.S. Army, Navy, Air Force, Marines and the National Military Command Center into a single unified command center. The effort entails getting each of the services and agencies to operate off a common network backbone with standardized servers and storage. It requires the agencies to adopt standardized security and firewall rules that can be managed centrally while also accommodating the unique security requirements of each agency.