This article can also be found in the Premium Editorial Download "Information Security magazine: Does security make the grade in Windows Server 2008?."
Download it now to read this article plus other related content.
According to the Information Security/ SearchSecurity.com Priorities 2008 survey, you'll be spending more time on...well, you
When we asked about key initiatives such as endpoint security, vulnerability management, compliance, identity management and the like, 80 percent responded they will be spending equal or more time on such matters. While these findings show that indeed you will be busy in 2008, they also show the importance and influence of your role in the organization. In fact, 67 percent say their job is going to be more strategic in 2008.
Today many CISOs and CSOs are far more involved in risk management and regulatory compliance issues, moving away from technology responsibilities. Seventy-five percent of those surveyed say they will be spending more time on compliance in 2008, working to continuously improve compliance processes.
Other results of note: Endpoint security and network access control are gaining ground in organizations; 69 percent of those surveyed say it is important for 2008. For the last 18 months NAC has been about marketing hype with Microsoft, Cisco and other vendors evangelizing the rewards of the technology. It appears that in 2008 we'll start to see some deployments and will be able to assess its success.
Speaking of Microsoft and Cisco, we asked our readers what they thought of these vendors and the results were telling. While Microsoft has made inroads with its Trustworthy Computing initiative, the company still needs to win the hearts and minds of security professionals. Only 23 percent think that Microsoft has strong security. When asked the same question about Cisco, 60 percent responded positively. Still the large vendors have a leg up on some of the smaller vendors as 58 percent of users are reticent to work with smaller vendors.
We also saw some interesting results when it comes to technology deployments. Enterprise single sign-on is picking up steam with 47 percent saying they will evaluate or implement eSSO in 2008. Conversely, federated identity management has lackluster interest with more than half of those responding saying they weren't going to do anything with it in 2008.
This was first published in February 2008