The gap between security risks and the ability to tackle them is set to rise as the effects of the credit crunch continue to bite, delegates heard at a panel session at RSA Europe 2008 Conference.
“We still haven't got the mindset of security awareness embedded in our organisations, so we're permanently playing catch-up. After the credit crunch there will be fewer of us security professionals around to deal with this,” said Alan Stockey, formerly head of IT risk management at JP Morgan.
"Outsourcing will be particular concern,” said Iain Andrews, Head of Information Security at Fujitsu. “We need to ask where has a service been outsourced to.
For example, I know of a case where a service was outsourced to India, and then outsourced again to the Philippines,” he said.
As the economic downturn begins to bite it will be necessary to re-assess the risks from outsourcing, said Andrews. “There are going to be security risks in any country that is producing a lot of new, highly qualified graduates but where the economy is stagnating,” he suggested.
The rapid growth in storage and smart handheld devices, and new working patterns will make securing corporate data a tough challenge in the next few years, said Guy Bunker, Chief Scientist at Symantec UK.
“From a corporate
standpoint, we really don't have a handle on this. If we don't know
where the critical information is, how can we protect it?” he said.
This issue can only grow sharper as the workforce becomes more sophisticated. Many employees will have increasing access to powerful technology at home and will expect to be able to use it in the workplace, said Bunker. Keeping a clear
dividing line between corporate and personal data will be increasingly difficult.
Security professionals also need to look beyond the present economic woes, suggested Alan Stockey. “In 2010, if a new surge of investment comes in, we have to ask where IT security will be, whether it will be at the top table,” he said.
See original article on scmagazineus.com
Credit crunch means fewer security professionals and growing risks
By Derek Parkinson on Oct 29, 2008 10:20AM