The Future of IT Security: 2009 and Beyond

Untitled Document

Difficult economic times are often accompanied by a rise in all types of crimes. In 2008 alone, the total number of data breaches nearly doubled from that of the previous year - with 16 percent of the breaches caused by company insiders like former or current employees.

The threat of layoffs and reductions in the workforce put valuable company assets at greater risk. To stay ahead of potential data loss and misuse, there is a need for absolute transparency as to the handling of company critical assets such as unstructured data (documents, spreadsheets, presentations, multimedia and graphics files, among others).

It is then expected that stricter data regulations and corporate mandated transparency are likely to reshuffle an organization's spending priorities in order to increase operational efficiency during this economic downturn and -- more importantly -- prevent valuable company assets from mishandling. As a result, new types of technologies will be propelled to the top of an IT department's "must-have" list for 2009.

Below is a quick guide to IT security spending and technology deployment decisions in 2009:

1. Automation is essential. A tough economy usually means being asked to do more with less. While IT departments tend to traditionally run lean, hiring freezes are likely to extend into this department. This potentially means that IT operations directors will have to reevaluate labor-intensive yet essential processes and tasks, and look for ways and technologies that can automate these tasks. This type of IT spending is likely to get approval, especially if the return on investment (ROI) is fast and justified.

2. Efficiency over innovation. Efforts aimed at increasing employee productivity and getting more from existing investments will definitely have an audience. 2009 is a great time for security vendors to offer customers technology tutorials and increased guidance on getting more from the functions of their installed technologies -- especially if those functions allow a business to save time and spending costs on new technologies.

3. Expenses must map to business benefit. While some new technologies and projects may be approved by businesses, it's almost certain that all new IT expenses demonstrate clear ROI and business benefits. Business managers will need to see immediate short-term savings in both time and money before approving any expense, even those required for operating the business.

4. Transparency to asset use. Incidents of data loss and misuse have been on the rise and are exacerbated by layoffs and job insecurity. In anticipation of this trend, companies are mandating greater protections for information assets and asking IT personnel to show proof of measures taken to that end. In addition, businesses are looking to implement processes that charge data stewards with the continuous monitoring and safekeeping of critical company information. According to Forrester Research, businesses are interested in deploying identity and access-management (IAM) technologies in 2009 to monitor users' rights, activities and provisioning. The main reason given for adopting IAM technologies is security and governance along with regulatory compliance.

5. Risk mitigation is good enough. While most organizations aim at 100 percent data loss prevention, business managers must weigh cost of protection against acceptable risk during a down economy. Measures that significantly reduce risk and provide adjunct operational benefits will be preferred to strictly preventative solutions with lengthy implementation timeframes.

Tough economic times mean that businesses must do the best they can with what they have and limit IT spending to what is absolutely essential for the company to operate. Businesses will also look to strengthen their IT security measures and protect their corporate assets in the most cost-effective way possible. Businesses will be allocating their IT budget toward technologies that can prevent risks, automate processes, allow for more transparency into employee data handling and prove to be a valuable business need.

In short, solutions that cut back on time and money as well as alleviate overburdened network operations personnel from their manual processes are expected to be the big winners when competing for IT spending this year.

About the Author

Johnnie Konstantas has more than 16 years of experience in the network security and telecommunications fields. As vice president of marketing for Varonis, Konstantas champions data governance for the company's worldwide markets. Konstantas is a popular speaker at shows like Interop and SecureWorld Expo. She has been quoted on CNET Radio and in trade and business press, such as BusinessWeek online and The Wall Street Journal online. Prior to joining Varonis, she held various senior roles in marketing, product management and engineering with start-up companies Neoteris (acquired by Juniper) and RedSeal Systems, as well as industry leaders Check Point Software, Juniper Networks and Motorola. She holds a B.S. degree in electrical engineering from the University of Maryland.

More by Johnnie Konstantas

About Varonis

Varonis is an innovator and provider of comprehensive, actionable data governance solutions. Based on patent-pending technology and a highly accurate analytics engine, Varonis' solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times.