|
|
Why CSOs No Longer Rely on TechnologyProduct Type: Market Research ReportPublished by: IDC Published: December 2007 Product Code: R104-32387 Description
This IDC study looks at the shift in the role of the CSO (chief security officer) in organizations. In 2007, most security vendors proved their technical ability and successfully fought known malware threats. Meanwhile, most CSOs in Western European organizations are being asked to deal with non-technical areas: compliance with rules, return on investment (ROI) and total cost of ownership (TCO) optimization, and employee empowerment. In such a business-related environment, technology that promises so much often clashes with real-life experience. "Because many attacks exploit software or system weaknesses, CSOs are realistic. No security policy can only rely on technical solutions, even if nothing can be done without IT automation. The search for wider answers to insecurity is important in Western Europe," said Eric Domage, Western European research manager for security software and services at IDC. "We must look at the CSO agenda to see how many non-technical tasks they have to assume with the security budget. It is time now for the industry to understand the business needs of CSOs and leave the technical discussions to the back-office expert." The study shows how technology plans are often breachable due to the "Swiss cheese" model. Table of Contents Table of Contents IDC Opinion In This Study Situation Overview Why do Companies Adopt IT Security Policies? Figure: Global Security Mission Embraces the Global IT System Figure: Visible Consequences of IT Breaches and Misuse Figure: IT Security Policy Protects Knowledge and Enables Compliance Why Does the CSO Not Rely on Technology? What Does an IT Policy Look Like? Figure: How IT Security Policies Are Divided Into Layers of Solutions Figure: Details of Two Security Policy Layers: IAM and VM How Reliable are These Layers? Figure: Murphy's Law Applied to Security Layers Randomly Opens Breaches in the IT Security Policy When the IT Security Policy Turns into Swiss Cheese Figure: Randomly Opened Layers Offer Image of Swiss Cheese for IT Security Policy Swiss Cheese Model Theory for IT Chaos Figure: Swiss Cheese Theory for IT Chaos: When Holes Line Up in a Deadly Tunnel Between Threat and target What Can We Learn From the Swiss Cheese Model? Future Outlook What is on the CSO Agenda? Essential Guidance For Vendors For Users For Implementers (System Integrators, VARs) Learn More Related Research Synopsis |
|
||||||||
MindBranch has been the leading provider of industry and investment research from more than 550 independent research firms since 1992. With over 90,000 market research reports, MindBranch is your trusted source of competitive business intelligence. |