InfoSec: Regulatory compliance is top concern of IS professionals

InfoSec: Regulatory compliance is top concern of IS professionals

ISACA says security complexity increasing dramatically

Article comments

Regulatory compliance will be the top business issue affecting enterprise information security professionals in the next 12 to 18 months, according to research from ISACA.

The information security organisation questioned 2,400 members for a survey to be released at this week's InfoSec show in London.

ISACA said the increase in regulations, data breaches and new technologies, such as cloud computing and the rise of personal technology in the workplace, are accelerating complexity and risk.

Tony Noble, a member of ISACA’s guidance and practices committee, said: “The survey shows more clearly than ever that information technology cannot be managed in a vacuum. From the growing number of government regulations to consumer privacy concerns and hacktivist attacks, enterprise IT assets are being challenged in ways that go far beyond the server room.”

He said, “The study also reveals a marked perception that the business side of the organisation believes IT is managed in a silo, which indicates an opportunity for better aligning business with IT to unlock greater value.”

Regulatory compliance as the main concern was followed by enterprise-based IT management and governance, information security management, disaster recovery/business continuity, and the challenges of managing IT risks as additional major concerns.

ISACA said cloud computing, mobile device management, virtualisation and business intelligence issues were expected to rise in prominence as drivers for future major concerns.

On the regulatory compliance side, said ISACA, enterprises are facing a need to manage growth in a challenging global economy, while at the same time comply with a growing number of regulations and standards.

New or changed regulations expected to impact enterprise IT in the next 12 to 18 months, said ISACA, include Basel, Frank-Dodd, PII, Do Not Track, Solvency II and HITECH Meaningful Use, as well as an overall tightening of tax and privacy regulations worldwide.

Now read ISACA: Policy and technology key to reducing e-discovery risks


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
* *