Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

(ISC)2 warns against do-it-yourself IT initiatives

ISC Squared : 11 December, 2009  (Technical Article)
John Colley of (ISC)2 predicts that some businesses will rush into the cloud without assistance from IT Security professionals in the clamour to restart business initiatives that have recently been on hold due to financial constraints
"Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in 2010 and beyond," says John Colley, CISSP, EMEA managing director of non-profit education and certification body (ISC)2. However, despite this new-found appreciation companies are set to stumble into new areas for putting data at risk with the do-it-yourself accessibility of Cloud Computing and a recovering economy fuelling new initiatives before they can be properly resourced.

He explains, "After the cutbacks in 2009, most businesses will be eager to re-engage business initiatives. They should beware of rushing in without giving proper consideration to the security requirements however especially since security teams and projects have been pared back to minimum requirements it will take time to build them back up".

Adding to this dynamic is the concern that Cloud Computing will make it very easy for people to get around the internal limitations of their IT department. An Autumn 2009 poll of over 300 (ISC)2 certified security professionals, indicated that over 92 % anticipate employees will circumvent the IT department to trial Software as a Service or cloud-based solutions

"On the one hand, a carefully controlled migration to cloud-base services with suppliers that can demonstrate a real appreciation for security can enhance a company's security stature. On the other, the newly developed do-it-yourself ability for all risks uncontrolled placement of data with cloud service providers of all abilities," explained Colley. "We face a significant learning curve during which the opportunity to put data at risk will multiply."

Colley advises information security professionals to put more emphasis on user accountability. "It has never been enough to secure the systems; data is manipulated by the people that use it and they are the ones introducing much of the new risk of its compromise. The good news is both business and individual users trusting cloud services will not tolerate data compromise for long. This will force them to prioritise security and in turn impact priorities for the developers serving this sector," he concludes.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo