PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
October 2003

Security survey results: Six information security myths dispelled

"There is no there there." Gertrude Stein's famous quip about Oakland, Calif., also characterizes traditional executive attitudes toward infosecurity. Managers know it's there; they think it's necessary; and they'll spend money on it, since the auditors and regulators tell them to. But corporate executives have no idea what the security guys really do. Exacerbating this perception is infosecurity's immaturity as a product/service industry and, more importantly, as a profession. In the IT world, mature practices are characterized by standardized operations, metrics-based decision-making and proactive measures in the face of change. Historically, infosecurity practitioners have adopted few, if any, of these practices. But some of that is changing, according to recent surveys conducted by Information Security and SearchSecurity, the magazine's sister site. Taken together, the surveys offer an in-depth look at the practices of nearly 4,000 security professionals, including statistics that point to a more disciplined, mature approach...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue