In Analyst Corner we round up the latest papers from the research firms that cover the IT industry. This week, we focus on security and compliance.
Organisations are spending more on software to support corporate governance, risk management and compliance, according to Gartner. By 2008, more than 75% of large and mid-size firms will use compliance management, monitoring and automation systems, it said. The number of regulations affecting IT operations is set to double by 2012.
More than one in four organisations do not enforce a wireless security policy, a survey of 320 firms by Infosecurity Europe has found. "Most businesses do not scan their perimeters regularly. If you have a no-wireless policy, scanning is essential to ensure it stays that way," said ISSA president Phil Cracknell.
"Upcoming European regulations will involve a shift in the chief security officer's role, from someone in a technical position of managing technological solutions to a business position of managing risk," said Thomas Raschke, senior analyst at Forrester Research.
UK firms rank classifying the data they keep for corporate governance as a priority, but they seem less keen on deleting or protecting that information, according to a survey of 950 IT decision makers by Hitachi Data Systems. Although 80% of UK companies have employed data classification techniques, only 38% encrypt the data under their protection.