April 2008 — News

Print this article

Click here to receive your FREE subscription to T.H.E. Journal

Information Security Set for Explosive Growth

by Dave Nagel

  • Compliance management;
  • Configuration management;
  • Database security;
  • Web application security;
  • SIEM (Security Information and Event Management); and
  • Change management.

Security Training
And in order to support these technologies and the security goals they represent, training for information security professionals in expected to increase in the next 12 months. Around the world, 56 percent of respondents reported that they expect spending on training to increase in the coming year. The Americas saw the highest response in this area, at 58 percent. Globally, only 4 percent of respondents said they expected decreases in spending on information security training, with the lowest figure in the Americas, at 2 percent.

The top-5 areas in which respondents indicated the need for training was greatest included security administration (50 percent), applications and system development security (35 percent), telecommunications and network security (31 percent), access control systems and methodology (30 percent), and business continuity and disaster recovery planning (29 percent).

Forty percent of respondents indicated that they personally expect to acquire additional certifications within the next 12 months.

Users: Oh Yeah ... Them
Respondents indicated, however, that users are the greatest problem facing information security, with a full 80 percent reporting that users following security policy is important (32 percent) or very important (48 percent) to overall security within an organization. In fact, security policy issues with users, management, and security personnel beat out all other categories in terms of perceived importance, including software solutions, hardware solutions, and even hiring qualified security staff.

The study did not poll information security professionals on their attitudes toward providing service to users within an organization. However, there was one area that touched on user needs, and that was in the area of training for security professionals in privacy. This ranked lowest among all cited areas of training, with only 25 percent of respondents citing the need for privacy training.

The report concluded: "Information security is a global, cross-vertical, organization-wide concern that cannot be addressed with technology solutions alone. It requires the unconditional commitment of an organization at the financial, management, and operational levels to proactively secure and protect the organization's logical and physical assets. Security management will always require the proper balance between people, policies, processes, and technology to effectively mitigate the risks associated with today's digitally connected business environment."

Further information about the study, including a link to the full report, can be found here.

Get daily news from THE Journal's RSS News Feed

About the author: David Nagel is the executive editor for 1105 Media's online education technology publications, including THE Journal and Campus Technology. He can be reached at dnagel@1105media.com.

Proposals for articles and tips for news stories, as well as questions and comments about this publication, should be submitted to David Nagel, executive editor, at dnagel@1105media.com.

Cite this Site

Dave Nagel, "Information Security Set for Explosive Growth," T.H.E. Journal, 4/23/2008, http://www.thejournal.com/articles/22496

copy text (above) for proper citation