Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

IT innovation challenging security pros' knowledge, resources

Antone Gonsalves | Feb. 12, 2014
Upper management pushing for rollout of new technology without fully understanding security risks.

Securing the wide variety of mobile devices executives and employees want to use on the corporate network is a good example of what's causing migraines for security pros, Murphy said. Up until the last few years, security executives only had to worry about PCs connecting to networks.

"They're now having to do crazy amounts of stuff in order to support everything that shows up in their environments everyday," Murphy said. "I feel their pain."

For the current situation to improve, businesspeople and security pros will need to come together and work on a "holistic approach" to securing new technologies, Murphy said.

"Security and risk don't have to inhibit innovation," she said. "Innovation might have to go a little bit slower in order to accommodate it, but there's no reason they can't coexist."

Overall, a majority of respondents said the pressure to secure their organizations increased last year from 2012 and they expect to experience a similar rise this year, the report found.

The greatest concern was falling victim to a targeted malware attack, followed by the threat of phishing and hackers exploiting unknown vulnerabilities. Phishing is when hackers design email to trick recipients into clicking on a malware-carrying attachment or a link to a malicious website.

The greatest worry from an attack was the loss of customer data, with intellectual property theft coming in second, according to the report. Reputation damage, fines or legal action were less of a concern.

To reduce security pressure, more than eight in 10 respondents listed hiring more staff. However, the survey indicated that upper-management appeared to favor hiring managed security service providers. The majority of respondents already partnered with MSSPs or was likely to do so in the future.

Other items on the wish list of security execs included more skills and expertise and more time to focus on security.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.