Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Tuesday, October 24, 2006

It’s the People, Stupid

When asked to rank their top priorities, more than 4,000 security professionals in more than 100 different countries named two “people” issues: gaining support from management and getting users to follow security policies, researchers said.  “Over the past six years or so, there’s been a lot of emphasis on technology buying and technology implementation, but security professionals and their companies are really beginning to see that technology is only part of the answer.”

“Regulatory requirements such as [Sarbanes Oxley] and [the Gramm-Leach Bliley Act] are forcing organizations to take a closer look at their people and processes,” Allan Carey, senior research director at International Data, which conducted the study, noted. 

While the number of security professionals increased 8.1 percent worldwide in the past year, “you can look at any jobs site and see that there are a lot of open positions out there,” Carey noted.  As a result, many organizations are giving more responsibility to junior-level staffers and security outsourcing organizations, the report says.  “If they can’t hire somebody with the skills they need, a lot of companies are taking a junior staffer and investing in the training and certifications they need within the organization,” Carey said.

In the study, respondents rated biometrics, wireless security, intrusion prevention, and forensics tools as high priorities.  “Biometrics rated either number one or number two across all regions, which is a relatively new trend,” said Carey

The study can be found at:

Posted on 10/24