As global economic conditions continue to fluctuate, information security hovers in the balance – caught between a new hard-won respect among executives and a painstakingly cautious funding environment.
Two findings, in particular, stand out this year. On the one hand, there’s compelling evidence that, in some respects, the security function appears to be “under protection” – as if the efforts of technology and security executives to better align security with the business were, in fact, beginning to show results.
On the other hand, the economic downturn has clearly “raised the bar” on security. In addition to helping the business mitigate risks associated with factors such as globalisation, outsourcing and third-party compliance with the company’s policies, the information security function is now also charged with new challenges – and for some companies, with more urgency than ever before. The function and its leaders are now also tasked with helping the company address an acute set of crisis-related risks and opportunities such as those associated with new business models, M&A transactions, successive waves of layoffs, cost-cutting drives in other parts of the enterprise, and major shifts in a key competitor’s strategy.