IT security trends move toward information risk management

Linda Tucci, Executive Editor

IT security trends are moving away from a tactical, technical focus on IT operations to "information risk management." Bring in the consultants! The evolution toward information risk management is shaking up the way IT security works at many large organizations.

    Requires Free Membership to View

Jonathan Penn, a security analyst at Forrester Research Inc. in Cambridge, Mass., has singled out five trends in IT security that are on your chief information security officer's agenda in 2008:

  1. GRC: IT governance, IT risk management and IT compliance (GRC) will converge into one discipline, with greater attention paid to metrics, staffing and optimal organizational structure.

  2. IT security operations: As IT security technology becomes commoditized and embedded in IT infrastructure, security organizations will split into two groups: strategy teams focusing on business issues of risk management, and operational teams overseeing the technical aspects.

  3. Application security: Applications are a prime target for attackers because they deal with sensitive data. A "fix it when danger strikes" approach is giving way to proactive security programs that span the application lifecycle, from bright idea to operation.

  4. Datacentric security: In an age of many business partners, this is the mammoth effort to classify data in order to determine who gets to see it and how to protect it. This cannot be done in a vacuum and requires close communication with business leaders.

  5. Digital investigations, forensics and e-discovery: This can be a scary and daunting area -- especially e-discovery, in which organizations are still struggling to figure out what constitutes best practices.

Source: Forrester Research Inc. "Five Trends That Will Shape The IT Security Profession in 2008," Jonathan Penn.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: