Data protection is the top security priority for more than half of UK organisations in 2013, a survey has revealed.
This is unchanged from 2012, but went up from 43% to 50% of more than 300 IT security professionals polled by TechTarget and Computer Weekly.
However, mobile endpoint security has moved up into second spot from fourth position the year before, reflecting a growing use of mobile technologies and the need to secure these devices.
A third of respondents said their organisations plan to implement mobility initiatives in the coming year; 49% said their organisations would allow employees to buy their own smartphones; and 29% will allow employees to buy their own tablets for corporate use.
Read more on data protection
- Jericho Forum: Data Protection
- Business priorities: what to protect, monitor and test
- Data Protection Masterclass: New EU data protection regulation
- BYOD policy and the data protection products that can help
- Secure your data – protect your business
- EC welcomes reports on proposed data protection reform
- Internet firms concerned over EU data protection proposals
- IDC: Spending on data protection software rises
- Posey: Defend your continuous data protection solution
- Data Protection Masterclass: Global privacy
- Organisations need alternative data protection as security models fail
- No backup? Using zero backup for data protection
Identity and access management has moved up to third place from seventh position in 2012, signaling a greater focus on role-based data access.
Network-based security is in joint third position, moving down from second position the year before, indicating a gradual move away from traditional network-based security.
Move to virtualisation
Virtualisation security has moved up to fourth position from sixth position, indicative of a growing need to secure virtual environments.
Increasing numbers of organisations are using virtualisation as they consolidate physical servers to cut costs and prepare for a transition to cloud computing.
According to the survey, consolidation is the top broad initiative UK organisations will seek to implement in the coming year, while cutting costs is the top focus for a third of IT departments.
Virtualisation is the top primary storage initiative for 36% of respondents; more than a third plan to implement desktop virtualisation; and nearly a fifth plan to implement application virtualisation.
However, when it comes to cloud services adoption, only 16% said they plan to use security-as-a-service in 2013 compared with 55% for software-as-a-service.
Cloud security comes in only at tenth position in security priorities. This suggests that, while more than half of companies are starting to use cloud, relatively few have moved sensitive data into cloud environments.
The survey shows security remains the top concern organisations have about cloud service providers, followed by protecting company data and reliability.
Consequently, cloud security remains a low priority at eighth position compared with threat detection and application-based security at joint fifth position.
There is little change in priority for these two technologies, although it is surprising application-based security has not moved up the ranks as attackers shift their attention from operating system vulnerabilities to the application layer.
Vulnerability management has slipped down the rankings from third to seventh position, despite the fact that many security experts say patch management remains an important way of mitigating known vulnerabilities, particularly as application-based attacks increase.
The appearance of security management at seventh position is unsurprising in the wake of investments in an ever wider set of security systems that generate alerts that need to be managed and analysed.
While security management does not feature in the top security initiatives for 2012, a year later it is on the agenda of 21% of respondents.