The future of IT security is data security--not device security
When asked what infrastructure security controls would be prioritized over the next few years, nearly a third of respondents--32 percent--named information protection and control as their top priority. Web application firewall wasn't far behind, with 26 percent naming this as a top priority.
This suggests a shift in emphasis from protecting devices to placing a greater emphasis on protecting applications and the data itself. Firewalls are now application firewalls rather than trusted network firewalls. If IT security professionals' top security controls are designed to protect the data itself, even if there is a breach of sensitive information, that information will remain hidden from any attacker.
Faced with the impossibility of defending against malware attacks in the new cloud/BYOD paradigm, security teams are engaged in a massive shift from protecting devices to protecting data. Stay tuned for our breakdown of this new paradigm--data centric security in a future CSO article. We'll take a deeper dive into the idea that if data itself is safe, it doesn't matter if there is a breach.
Sign up for CIO Asia eNewsletters.