Coming into 2014, cloud computing, BYOx (bring-your-own-device and other personal computing gadgets), and security awareness are predicted to be hot trends for IT security. To understand which trends are being validated versus those that might be a lot of hot air, we asked some of our most senior members for their perspectives.
To start, there was consensus that cloud computing is becoming a reality that will need to be addressed by every security department. Executives are the driving force behind cloud adoption – most likely due to proclaimed economic benefits. However, CISOs caution that the security implications of cloud computing are serious and will remain.
Surprisingly, with all the industry hype surrounding BYOx, Wisegate members agreed it's not developed as expected. Realities of full adoption, such as support costs, compliance risks and usage reimbursement, can actually raise the total cost of ownership at a time when the TCO for company-owned PCs is dropping.
Another hyped trend is security awareness, which many IT leaders believe may be unwarranted. Most agree that getting employees to pay attention to what they are doing and how it affects the security of their organization is still a challenge. Yet some believe the challenge is a worthy one.
Other Wisegate members agreed that often the best solutions to problems – hyped or not – come from conferring with other expert CISOs. “Often senior technology leaders struggle to get straight answers about IT,” said David Sherry, CISO at Brown University. “We need to connect to peers, who are the best source of pragmatic information on what works, what doesn't, and key lessons learned.”
No matter what the viewpoints are on the hype versus reality, all security practitioners agree we will face significant challenges managing the growing complexity of IT security in the days ahead.