Risks assessments, application testing, access controls, and proactive planning top the list.
CISOs need to improve forensic investigations, root cause analysis, and security intelligence monitoring.
Endpoint security, security analytics, and process automation top the “to-do” list.
Strong enterprise demand will be counterbalanced by confusion and planning requirements.
Lots of market upside, budget dollars – and yes, competition.
New tools must improve technology and employee accuracy and efficiency.
Security groups point to cybersecurity training, software patching, and system hardening.
CISOs should think about privacy, culture, and third-party relationships.
Integration, analytics, services, identity, and "C-level" messages....
Enterprises want choices, integration, and specific types of data feeds. Will vendors acquiesce?
Vendors need better understanding and empathy about CISOs, security professionals, and business objectives.
Mobility and consumerization are having a hard and fast impact on IT. We are no longer in a “command and control” world in which IT dictates which tools employees use (hardware as well as software): More end-users are choosing their own hardware platforms and software applications in lieu of the IT-sanctioned business tools provided by their companies, and IT is sprinting to catch up. These end-users are looking to tackle issues like data sharing, portability, and access from multiple intelligent endpoint devices, creating a conundrum for IT as it has to balance business enablement, ease of access, and collaborative capacity with the need to maintain control and security of information assets.
Device introduction marks the intersection between biometrics commodification and consumerization.
CISOs need tighter control and improved security intelligence/analytics.
Combination of carrots, sticks, investment, and education.
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s Information Security and Networking services. With 25 years of technology industry experience, Jon is widely recognized as an expert in threat and security management as well as all aspects of network security. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government. Prior to joining ESG, Jon was the founder and principal of Hype-Free Consulting. He has also held senior management positions at GiantLoop Network, Forrester Research, Epoch Systems, and EMC Corporation.
© 2013 Enterprise Strategy Group, 20 Asylum Street, Milford, MA 01757 508.482.0188
Enter your email address, and click subscribe