I recently wrote about the findings from our survey of the security community, conducted at Infosecurity. We revealed the changing challenges for IT and security teams and how they are prioritising innovation and threats. Alongside these results, we also uncovered interesting insights into broader concerns within the industry, such as new regulations coming into place and trends like the Internet of Things. The results reflect the caution with which the security community is approaching changes in the IT landscape.
With new rules being implemented by the government to give police and security services greater powers to monitor internet and phone use, the survey revealed that more than half (52%) of the respondents are concerned about the Investigatory Powers Bill coming into force. The reasoning behind this? A third (32%) cited concerns around the government having more 'big brother' style powers. Interestingly, given the Infosecurity Europe 2015 community is largely responsible for safeguarding customer data across a range of industries, only 18% of individuals are concerned about government access to personal data and only 13% with corporate data.
Another essential consideration for many businesses in the coming months and years is The Internet of Things – where objects and appliances with embedded sensors and chips are capable of communicating online. For many enterprises, the excitement of this new realm of connectivity is overshadowed by the fact that, with more devices connected to the network, there comes a new array of security implications.
When asked about the Internet of Things, respondents highlighted concerns around data loss (26%), security when managing an increasingly complex environment and securing customer data (23%) and the increasing complexities around managing connected devices (21%) as top of their agendas. Only 3% of respondents have no concerns around the Internet of Things, suggesting a need for the government and the broader business community to encourage collaboration, security and education in this space.
It’s certainly true that network perimeters are collapsing, and IT now has to contend with a huge number of devices and applications that may well be beyond the traditional network perimeter. As more people, devices and applications get connected businesses will need to be able to scale their architecture to meet the growing demand. What’s needed from businesses is a change in attitude and the need to prioritise. Cost is often still a deciding factor in why organisations aren’t prioritising investing in security solutions but it’s important to note that the market has moved on from the days where investing in security solutions always required a large upfront cost.
It’s not altogether surprising that the security community is concerned about the Internet of Things and the Investigatory Powers Bill. The respondents are at the front line in protecting enterprises against external threats and in modernising IT infrastructure for an ever more connected world. There is still a great deal of uncertainty in these areas and it will be crucial for the government and business community, including their security teams, to engage in the debates about the implementation of both. These are certainly trends which I’ll be keeping a close eye on as they roll out over the coming year.