Executive-level security officers at some of the largest global companies have identified four main concerns for 2012: mobile device security, identity management for cloud computing, threat management and profiling, and increasing regulatory pressures, according to Stonesoft.
“Our board members represent the thought leaders in security strategy for a number of global companies,” said Richard Benigno, senior vice president of Stonesoft, U.S. “While they have identified a broad range of security challenges such as fraud monitoring and privacy control, they all agreed on these four major focus areas.”
Mobile devices. Bring-your-own-device (BYOD) is a rapidly growing concern, affecting almost every organization. Many board members expressed challenges with balancing between controlling access to data and internal services with growing demand by employees for mobile use in the workplace.
Identity management. The cloud brings with it a loss of control by the IT department in managing user access. Single-sign on (SSO) to software-as-a-service (SaaS) offerings is a challenge for most organizations, particularly top U.S. corporations where hundreds of individual departments are demanding access to new cloud-based applications.
Regulatory pressure. Governance requirements from federal and industry standards organizations continue to drive increased costs from labor and tools to achieve compliance. Increasing granularity of the reporting requirements for HIPAA, GLB, Sarbanes Oxley and other industry or application specific guidelines, such as PCI, increase overall IT costs for the organization.
Threat management and profiling. Threat management, rather than mere identification and prevention, will always be a top priority. The new goal is to be more proactive than reactive. This means identifying threats as they emerge and taking steps to stop unwanted activity in advance of a breach through threat profiling.
“Developing talent to address the upcoming expansion of information security will also be a top priority for these organizations,” said Benigno.
Stonesoft founder and CEO Ilkka Hiidenheimo said he believes many vendors have fallen behind as the capabilities of attackers expand. “The threat landscape has changed since the inception of Stonesoft,” he said. “It is much more dangerous than we ever expected, particularly due to the rapid expansion of mobile devices and cloud-based applications.”