There's more than that at work in security managers' thinking, Hansen says. Quite often, it's the external breaches, not the internal ones, that get IT security professionals fired. Other times, IT security staff might not even be made aware of how serious internal threats can be. Also, security managers sometimes tend to see internal threats as more of a human-resources problem than an IT one.
|
 |
Among the technologies deployed by readers, antivirus ranks highest on the perimeter, on internal networks, on desktops, and for messaging security. Antivirus software and similarly older, more-robust applications are common within organizations because they're "low-hanging fruit," Hansen says. Moreover, they present good metrics that can be shown to higher management. "Those are the kinds of things that allow you to say, 'Hey, I'm providing value to the organization,' " she says.
And to a large extent, being able to show value is the name of the game for IT security managers who are struggling to meet intensifying threats and surging compliance requirements with inadequate staff and budgets. Still, most IT security experts continue to find workarounds and fixes to handle their security needs, despite the lack of support they sometimes receive from executive management.
|
Secure Enterprise posted its third annual deployment survey on the Web from Aug. 3 to Aug. 17. It also provided links to the poll on networkcomputing.com, secureenterprisemag.com, and in newsletters and the print magazine. E-mail messages also were sent with an embedded link to the poll to subscribers of Secure Enterprise, Network Computing, and IT Architect (formerly Network Magazine), and members of the Computer Security Institute. The survey received 1,522 valid responses from IT security administrators, managers, midlevel executives, and corporate execs. Approximately 20% were chief security officers, chief information security officers, or senior security managers. Roughly 22% were executive managers; the rest were administrators. |
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
