Follow the money to converged physical and logical security solutions

| 0 Comments | 0 TrackBacks
Who's got the money for converged physical and logical security solutions in a recession? The IT department, according to surveys released at the RSA Conference in San Francisco this week.

(ISC)2, the information security professional association and home of the CISSP credential, canvassed 1,500 U.S.-based information security professionals in a continuing online survey. While more than 70 percent of the respondents said the recession had some impact on their security-related purchases, 53 percent said their spending would not decrease over the rest of the year.

About one-third of the respondents have hiring responsibilities, and 44 percent of those said they were hiring additional information security staff this year. The most needed expertise included information risk management, operations security, certification and accreditation, security management practices, and security architectures and models.

A smaller survey of 53 IT security professionals by MetroSITE Group and Pacific Crest Securities indicated 28 percent of respondents expect their security budgets to grow from 5 percent to more than 10 percent this year. Forty percent of the respondents who said they are decreasing overall IT budgets by 5 to 10 percent also said they are not decreasing security budgets, with 20 percent in this group actually increasing security spending. Respondents identified governance, risk and compliance/audit, mobility and identity and access management as leading--and funded--security projects.

These findings track with a recent survey of security directors conducted by the Security Executive Council.

What's the bottom line on these findings? First, funding for converged physical and logical security solutions exists; second, it's being earmarked for IT projects, like identity and access management, that should incorporate existing physical security systems and databases for maximum effectiveness. So this is not a time for security professionals to hunker down but to show up at the IT table, explaining how the solutions they already have or want to upgrade will help IT get a bigger return on its security investments. That's following the money--then leading it.

By Sharon J. Watson

Query: How would you characterize the financial relationship between IT security and physical security at your company?
Google Reader or Homepage
Who's got the money for converged physical and logical security solutions in a recession? The IT department, according to surveys released at the RSA Conference in San Francisco this week.

(ISC)2, the information security professional association and home of the CISSP credential, canvassed 1,500 U.S.-based information security professionals in a continuing online survey. While more than 70 percent of the respondents said the recession had some impact on their security-related purchases, 53 percent said their spending would not decrease over the rest of the year.

About one-third of the respondents have hiring responsibilities, and 44 percent of those said they were hiring additional information security staff this year. The most needed expertise included information risk management, operations security, certification and accreditation, security management practices, and security architectures and models.

A smaller survey of 53 IT security professionals by MetroSITE Group and Pacific Crest Securities indicated 28 percent of respondents expect their security budgets to grow from 5 percent to more than 10 percent this year. Forty percent of the respondents who said they are decreasing overall IT budgets by 5 to 10 percent also said they are not decreasing security budgets, with 20 percent in this group actually increasing security spending. Respondents identified governance, risk and compliance/audit, mobility and identity and access management as leading--and funded--security projects.

These findings track with a recent survey of security directors conducted by the Security Executive Council.

What's the bottom line on these findings? First, funding for converged physical and logical security solutions exists; second, it's being earmarked for IT projects, like identity and access management, that should incorporate existing physical security systems and databases for maximum effectiveness. So this is not a time for security professionals to hunker down but to show up at the IT table, explaining how the solutions they already have or want to upgrade will help IT get a bigger return on its security investments. That's following the money--then leading it.

By Sharon J. Watson

Query: How would you characterize the financial relationship between IT security and physical security at your company?
Google Reader or Homepage

No TrackBacks

TrackBack URL: http://www.securitysquared.com/cgi-bin/mt/mt-tb.cgi/26

Leave a comment