Management must back IT security, say experts


Management must back IT security, say experts

Bill Goodwin

Security specialists rank management support of security policies as the most important factor in corporate security, according to a report by security certification body ISC2.

The study, conducted jointly by ISC2 and IDC, was based on interviews with more than 4,000 IT security professionals in Europe, the US and Asia.

After management backing, the specialists see persuading users to follow established policies as most important to effective security.

The report found that companies were spending more than 40% of their information security budgets on personnel, education and training - highlighting a growing recognition of the importance of human factors in security.

"This year's study further validates the conventional wisdom, long-held by security professionals, that people are the critical component of an effective information security programme," said Ed Zeitler, executive director of ISC2.

The survey shows that, with experienced security staff in short supply, a growing number of companies are hiring less experienced staff and investing in training.

Information risk management remains the top training priority for IT security staff in Europe and the US. This is likely to continue as organisations work to manage corporate risks, says IDC.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy