The Softer Side of Security

For the last few days as I’ve been over in Orlando speaking at MIS Training Institute’s excellent Infosec World. It’s one of the most comprehensive conferences in terms of subject area coverage, with 11 simultaneous streams of in-depth presentations. And the feedback from delegates is always good. So it provides an interesting perspective of the state-of-the-art of the US security community and an indication of the challenges facing security professionals.

In the UK we’re used to looking to the USA for an idea of what’s coming next. But in the information security world the opposite has often been the case in recent years as US companies adopt UK innovations such as ISO standards, ITIL management processes and de-perimeterisation strategies.

However the traditional gap between US and UK security emphasis – the former having a stronger technology focus and the latter more process-oriented – has largely disappeared. Programmes such as Infosec World now have a strong emphasis on softer management issues such as leadership, business alignment and human factors. It’s an encouraging trend and one that’s set to continue for a long time.