The next wave of IT investments will be aimed at
achievingefficiency across the business,
attendees ofInfosecurity Europe 2009in London
have heard.
"This is a great opportunity for IT to engage with the business
to help take it forward in
challenging economic times," said Jason Creasey, head of
research at the Information Security Forum (ISF).
The pressure is on, with 63% of ISF members reporting that they
expect budgets to drop in 2009, according to an ISF report on
managing security in a downturn.
According to the report, the financial crisis has also
accelerated the change and sophistication of new threats to
information security.
"Organisations need to prioritise spending to protect the most
important assets, assuming they know what these are," said
Creasey.
Specific threats include the rapid increase in targeted and
organised cybercrime, espionage, risk to intellectual property,
internal and external fraud and theft of information from
disgruntled employees.
"Both internal and external threats are higher, with increasing
staff turnover and dissatisfaction coupled with a trend to more
organised profit-driven crime," said Creasey.
Changes in risk and the way attacks occur means their effects
are harder to predict, soa new approach is required that does not
rely on past experience.
"Instead we need to approach each instance as something new and
be rational and flexible in providing the solutions," said
Creasey.
The report warns that recovery from the effects of
reduced information security budgets and
loss of experienced staff could continue after the downturn is
over.
Useful links: