Key Security Initiatives Abound

Editor's Desk: Everything Goes

This article can also be found in the Premium Editorial Download: Information Security magazine: Does security make the grade in Windows Server 2008?:

According to the Information Security/ SearchSecurity.com Priorities 2008 survey, you'll be spending more time on...well, you name it.


Information Security's fourth annual Priorities survey drew record participation from readers--more than 1,100 of you responded--and one thing came through loud and clear: More initiatives and responsibilities are being put on your plate and nothing seems to be coming off.

When we asked about key initiatives such as endpoint security, vulnerability management, compliance, identity management and the like, 80 percent responded they will be spending equal or more time on such matters. While these findings show that indeed you will be busy in 2008, they also show the importance and influence of your role in the organization. In fact, 67 percent say their job is going to be more strategic in 2008.

Today many CISOs and CSOs are far more involved in risk management and regulatory compliance issues, moving away from technology responsibilities. Seventy-five percent of those surveyed say they will be spending more time on compliance in 2008, working to continuously improve compliance processes.

Other results of note: Endpoint security and network access control are gaining ground in organizations; 69 percent of those surveyed say it is important for 2008. For the last 18 months NAC has been about marketing hype with Microsoft, Cisco and other vendors evangelizing the rewards of the technology. It appears that in 2008 we'll start to see some deployments and will be able to assess its success.

Speaking of Microsoft and Cisco, we asked our readers what they thought of these vendors and the results were telling. While Microsoft has made inroads with its Trustworthy Computing initiative, the company still needs to win the hearts and minds of security professionals. Only 23 percent think that Microsoft has strong security. When asked the same question about Cisco, 60 percent responded positively. Still the large vendors have a leg up on some of the smaller vendors as 58 percent of users are reticent to work with smaller vendors.

We also saw some interesting results when it comes to technology deployments. Enterprise single sign-on is picking up steam with 47 percent saying they will evaluate or implement eSSO in 2008. Conversely, federated identity management has lackluster interest with more than half of those responding saying they weren't going to do anything with it in 2008.

Data protection continues to be a front-and-center concern as data breaches expose vulnerabilities and regulations demand action. Sixty-six percent say database security is either important or very important, followed by data leakage at 56 percent and intellectual property protection at 52 percent. And as attackers focus on applications, 59 percent say secure coding practices are important or very important. Meanwhile, there appears to be widespread adoption of all sorts of encryption in organizations today.

We hope you find these results informative as you embark on security projects for 2008.

SEARCHFINANCIALSECURITY.COM and SEARCHSECURITY.CO.UK
We're pleased to announce we have launched two new security sites as part of our editorial portfolio. While we have Information Security translated into several languages, and published in more than a half-dozen countries, we are expanding our international offerings with SearchSecurity.co.uk. This site will address the specific regulatory and technical needs of the U.K. audience. We have also launched SearchFinancialSecurity.com, where we will provide very specific and more targeted security information for information security professionals in the financial services market.

This was first published in February 2008

Dig deeper on Security Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close