Information Security is becoming the victim of the disruptive change introduced by the latest trends in Information technology: Bring Your Own Device (BYOD), Cloud Computing and Social Networking. Today a corporation’s systems development, and therefore that of its technical security controls, is slipping away from the carefully planned IT strategy.
For the information security professional, this makes for a very challenging management landscape.
This paper outlines the changing dynamics for security governance brought about by the shifts currently taking place in IT technology against the context of the developing expectations coming from our increasingly active policy makers. It offers the first published focus on the EMEA findings of the 2013 (ISC) 2 Workforce Study, citing the experience of 3229 people in the region with responsibility for information security, including analysis for Germany, France and the United Kingdom. Findings confirm the shift in IT:
Virtually all companies have some level of cloud computing,
Almost half of companies that allow any user device to access their corporate networks,
Social media too is evolving from its beginning as a consumer platform with approved business use.
Survey insights look at the impact of these developments and stresses in the ability to defend and recover from attack. At the light of these results, we will review and comment the various policy proposals currently under discussions in the various EU instances