Threat analysis, data harvesting, mobility and the commoditization of IT security products have been cited by analyst firm IDC as the biggest threats to security in 2012.
Speaking at the recent NetIQ Rethinking Security conference in Sydney, IDC Asia-Pacific associate vice president Simon Piff told delegates that, according to a recent IDC APAC research report entitled ICT Top 10 Security Predictions, mobility and BYOD had increased the complexity of security this year.
The enterprise adoption of consumer devices such as the iPad by C-level executives was making things harder for IT managers, according to Piff.
This was because CEOs wanted tablets so they could read their emails. In some cases, IT managers were asked to make their CEOs exempt from the organization’s security rules so they could access their email anywhere.
“Embedded in the `I want an iPad with email’ discussion is the unspoken but implicitly expected security,” he said.”You cannot be secure and connected at the same time- it doesn’t happen.”
Piff added that the minute executives were allowed to have smartphones and tablets on the network, the IT manager needed to accept that there would be a level of insecurity in the organization.
Commoditization of IT security features
According to IDC APAC predictions, the commoditization of security features such as firewalls was leading people to assume that if it was being delivered by the IT department then this made it secure.
“These days people think they have a firewall because they’ve got some [security] software on their laptop,” he said.”Some people no longer think about security because they make assumptions that they are protected.”
However, according to Piff, there were really only two types of organizations in the world — the company that already knows it has been hacked and the other type which does not know it has been hacked.