dcsimg
 
 

Study: Technology Not an IT Security Solution

By Deborah Rothberg  |  Posted 2006-10-25 Email Print this article Print
 
 
 
 
 
 

Processes and people are most important elements in achieving IT security, according to a new study.

Management support of security policies is the most important element in effectively securing organizations' infrastructure, according to the third annual Global Information Security Workforce Study, conducted by analyst firm IDC and sponsored by the (ISC)².

The list of imperative ingredients for a secure infrastructure also included having users follow security policy, having qualified security staff, and software and hardware solutions. Responses came from more than 4,000 information security professionals in over 100 countries.

Technology as an enabler, but not the solution, for implementing a sound security strategy was an ongoing theme in the results.

Processes and people were also highlighted in responses; these are areas which have been traditionally overlooked in favor of trusting hardware and software to solve security problems.

The study, released Oct. 25, found that increasingly, responsibility for security information assets is shifting from the CIO to other senior managers, and in many cases, outside IT altogether to chief financial and chief risk officers and legal and compliance departments.

The number of information security professionals worldwide will jump to 1.5 million, an 8.1 percent increase over 2005. Expected to increase at a compound annual growth rate of 7.8 percent between 2005 and 2010, information security outpaces IT as a whole, where the increase in employees in the same time frame is 4.6 percent.

IT security jobs go mainstream. Click here to read more.

U.S. and EMEA information security professionals rated risk management as a top training priority, followed by business continuity and forensics.

Organizations seem to be in-line with this priority, as they are spending a greater percentage of their information security budgets on training in 2006 over 2005.

Down from a peak of 92 percent in 2004, information security certifications were still rated as highly prioritized by 85 percent of hiring managers in 2006.

Check out eWEEK.com's for the latest news, reviews and analysis on IT management from CIOInsight.com.



 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that baselinemag.com may send you Baselinemag offers via email, phone and text message, as well as email offers about other products and services that Baselinemag believes may be of interest to you. Baselinemag will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit