ESG recently published a new research report titled, Security Management and Operations: Changes on the Horizon. As part of the survey, ESG asked 315 security professionals working at enterprise organizations (i.e., more than 1,000 employees) to identify the most important factors driving their organization’s information security strategy in 2012.
The top two responses were quite predictable: 55% said “protecting sensitive data and intellectual property (IP)” while 50% pointed to regulatory compliance. What is interesting is the responses beyond these two traditional security drivers:
- 41% said “addressing new types of threats”
- 39% said “improving/automating security operations”
- 38% said “addressing security issues created by the use of mobile devices”
- 35% said “improving our ability to analyze security data and detect attacks in progress”
- 33% said “aligning security policies and controls with business processes”