Published: 01 Feb 2008
According to the Information Security/ SearchSecurity.com Priorities 2008 survey, you'll be spending more time on...well, you name it.
When we asked about key initiatives such as endpoint security, vulnerability management, compliance, identity management and the like, 80 percent responded they will be spending equal or more time on such matters. While these findings show that indeed you will be busy in 2008, they also show the importance and influence of your role in the organization. In fact, 67 percent say their job is going to be more strategic in 2008.
Today many CISOs and CSOs are far more involved in risk management and regulatory compliance issues, moving away from technology responsibilities. Seventy-five percent of those surveyed say they will be spending more time on compliance in 2008, working to continuously improve compliance processes.
Other results of note: Endpoint security and network access control are gaining ground in organizations; 69 percent of those surveyed say it is important for 2008. For the last 18 months NAC has been about marketing hype with Microsoft, Cisco and other vendors evangelizing the rewards of the technology. It appears that in 2008 we'll start to see some deployments and will be able to assess its success.
Speaking of Microsoft and Cisco, we asked our readers what they thought of these vendors and the results were telling. While Microsoft has made inroads with its Trustworthy Computing initiative, the company still needs to win the hearts and minds of security professionals. Only 23 percent think that Microsoft has strong security. When asked the same question about Cisco, 60 percent responded positively. Still the large vendors have a leg up on some of the smaller vendors as 58 percent of users are reticent to work with smaller vendors.
We also saw some interesting results when it comes to technology deployments. Enterprise single sign-on is picking up steam with 47 percent saying they will evaluate or implement eSSO in 2008. Conversely, federated identity management has lackluster interest with more than half of those responding saying they weren't going to do anything with it in 2008.
| Data protection continues to be a front-and-center concern as data breaches expose vulnerabilities and regulations demand action. Sixty-six percent say database security is either important or very important, followed by data leakage at 56 percent and intellectual property protection at 52 percent. And as attackers focus on applications, 59 percent say secure coding practices are important or very important. Meanwhile, there appears to be widespread adoption of all sorts of encryption in organizations today.
We hope you find these results informative as you embark on security projects for 2008.
SEARCHFINANCIALSECURITY.COM and SEARCHSECURITY.CO.UK