Enterprises forced to revamp security policies

Combination of hackers and regulations prompt major rethink.

Increasingly stringent government and industry regulations, combined with an ongoing assault from cyber-criminals and malware, will force organisations to revamp security policies, IDC has predicted.

The analyst firm said that this shifting landscape has spawned a new competitive market, which it labels Security Compliance and Control (SCC).

The SCC market includes all compliance-related products in the areas of content control, identity and access management, security and vulnerability management, and security compliance services.

IDC predicts that this sector will generate sales of $7.4bn worldwide in 2006. In the US, the SCC market is expected to experience high growth through to 2010 as new security threats emerge and government regulations are tightened.

"Regulatory compliance initiatives are quickly becoming part of larger corporate governance and risk management strategies," said IDC research analyst Rose Ryan.

"Executives are pushing for compliance to protect themselves from security threats, but also to avoid personal liability and the possibility of criminal and/or civil penalties."

Ryan added that civil prosecution can carry substantial financial penalties and seriously damage a company's reputation.

The IDC study noted that compliance is not just a US issue. Governments worldwide have created legislation governing privacy and governance, but laws vary from country to country.

According to the study, compliance represents a new class of internal threats that increasingly concerns most enterprises.

It also predicts that worldwide SCC markets will continue growing as compliance infrastructures become critical components of global trade.

Copyright ©v3.co.uk

enterprisesforcedpoliciesrevampsecurityto