"The emergence of HIPAA and other laws that regulate security and privacy also has helped to move information security from a technical control to a business control," says the University of Rochester's Milford. "Prior to HIPAA, info security was considered a binary switch: 'Just make it secure.' But now it has become part of the risk assessment an organization must go through to determine how best to conduct business."
The Sarbanes-Oxley Act leads the way when it comes to regulations with which organizations must comply. About 42% of readers say they have to adhere to Sarbanes-Oxley, followed by HIPAA at 38%; the Federal Privacy Act of 1974 at 35%; and the USA Patriot Act at 26%.
Winner: Integration
It's not surprising that, strapped as they are for resources and time, security professionals want products and suppliers that let them do their jobs with minimal hassle.
Integration with existing networks is the capability survey respondents say they most look for in a product. Tools that don't work well within an existing architecture can be worse than ineffective--they can create new risks.
The next-most-sought-after features were performance, second; and high availability, third.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
