Wednesday, 13 November 2013

John Colley: What you need for effective security

John Colley, Managing Director of (ISC)2 EMEA publishes regularly on Infosecurity Voice. His latest article argued that “governance, risk management and compliance are not enough on their own”.
In recent years staffing and talent development have become increasingly important to all industries and IT security is no exception. Given the significance of the matter, senior security executives should take the time and put new talent under scrutiny.
Without new talent and further development of existing personnel in the security field, you may have to deal with serious consequences. Since cyber security challenges are rapidly-evolving alongside the non-stopping emergence of new technologies, companies and IT security professionals must make every effort to stay ahead of the curve.

According to a new report released by (ISC)2, based on responses from more than 1,600 c-level executives globally, the senior C-suite is aware of the security threats, but because they are occupied by reacting to organisational and compliance requirements, they are unable to spend the time to put adequate measures in place to effectively tackle security issues. 
Governance, risk management and compliance (GRC) policies take up nearly three-quarters of senior security executives’ time; especially in the fields of financial services, insurance, banking and government.
To learn more about the C-suite’s security challenges, read the full article on the ComputerworldUK Blog.