Staying ahead of the curve through continual education is key to success in keeping data secure, an information security seminar in London has heard.
"The security industry cannot stand still and needs to continue to grow," Ray Stanton, global head of security at BT Global Services told the seminar hosted by information security professionals' organisation (ISC)².
According to Stanton, information security professionals must continually update their understanding of the threat to their organisations
"This demands regular reviews of relevant political, economic, social and technological developments to fully understand the threat profile of their specific business," he said.
Stanton challenged security professionals to find ways of adding value to their organisation by engaging more closely with business stakeholders.
"It is easy to sit back and wait to react to the next incident, but far more valuable to translate business objectives into security terms and then go back to the business with what needs to be done to achieve those objectives in a secure way," he said.
The role of security professionals is not to determine the level of acceptable risk, but to find ways to achieve business goals as securely as possible and make it clear what risks are involved to enable the business to make an informed decision, said Stanton.
"An important part of this communication process is demystifying security for the business because much of it is basic common sense," he said.
While security professionals should be aware of emerging trends should not get so wrapped up in them that they forget to get the basics right and make security easy for the business to do and understand, said Stanton.