Regulatory compliance will be the top business issue affecting enterprise information security professionals in the next 12 to 18 months, according to research from ISACA.
The information security organisation questioned 2,400 members for a survey to be released at this week's InfoSec show in London.
ISACA said the increase in regulations, data breaches and new technologies, such as cloud computing and the rise of personal technology in the workplace, are accelerating complexity and risk.
Tony Noble, a member of ISACA’s guidance and practices committee, said: “The survey shows more clearly than ever that information technology cannot be managed in a vacuum. From the growing number of government regulations to consumer privacy concerns and hacktivist attacks, enterprise IT assets are being challenged in ways that go far beyond the server room.”
He said, “The study also reveals a marked perception that the business side of the organisation believes IT is managed in a silo, which indicates an opportunity for better aligning business with IT to unlock greater value.”
Regulatory compliance as the main concern was followed by enterprise-based IT management and governance, information security management, disaster recovery/business continuity, and the challenges of managing IT risks as additional major concerns.
ISACA said cloud computing, mobile device management, virtualisation and business intelligence issues were expected to rise in prominence as drivers for future major concerns.
On the regulatory compliance side, said ISACA, enterprises are facing a need to manage growth in a challenging global economy, while at the same time comply with a growing number of regulations and standards.
New or changed regulations expected to impact enterprise IT in the next 12 to 18 months, said ISACA, include Basel, Frank-Dodd, PII, Do Not Track, Solvency II and HITECH Meaningful Use, as well as an overall tightening of tax and privacy regulations worldwide.