Survey: Greatest Challenge for IT Security Professionals

CIPS Connections – March 5th, 2008

First report in series on security practices, IT career issues, security awareness – CIPS members receive special rate.

A recent report released by the Canadian Advanced Technology Alliance (CATA) indicates that a lack of recognized best practices is the top Information Technology (IT) security challenge affecting organizations today.

The report, titled, “Canadian IT Security Professional Perspectives,” provides a comprehensive review of the findings of a survey of over 300 Canadian executive and frontline IT security professionals on their every day security challenges, use and trust of information sources, and the career advantages that an IT skill set provides them.

“Most IT security professionals feel they have access to a sufficient range of tools to address their security needs, but face a lack of recognized best practices to assist in determining how to best manage and implement them,” says Kevin Wennekes, Vice President Research for CATA and report author. “Further complicating matters is the lack of vested interest managers, other IT professionals, and end-users have in ensuring security practices are adhered to or given proper consideration during the design stages of new IT initiatives.”

The study notes that frequently, company disclosure laws inhibit the sharing of best practices, and that many of the companies promoting a best practice are in fact only promoting the use of their product or service. Respondents identified practical means by which these best practices could be developed and shared, and principles regarding their applicability and use.

The study also identifies:

The relative impact of a dozen known IT security challenges – with results demonstrating the difference in priorities between those in varying roles/titles
The daily demands on time in managing IT Security needs and predictions on future impact
Information Sources – views on the general and trade media, colleagues, vendors, online communities: Which are they using? Which do they most trust?
How important respondents feel an IT Security skill set is to enjoying a successful career in IT in general and whether this provides them with a career advantage over others
Perspectives on Canada as a Global IT Security Leader – current status, key strengths, challenges, opportunities
Critical Messages for Canadians – providing IT security professionals a soap box on which to stand: Who do they want to speak to; What do they want to say?

As CIPS and the Information and Communications Technology Council were instrumental partners in helping to create awareness around the study when it was first launched, CATA is offering CIPS members, an opportunity to obtain this report at the CATA member price of $65 (a savings of over $600 off the non-member price).

A series of “IT Security Perspective” reports is currently under development.

“CIPS is planning to participate in a future report,” said CIPS President Stephen Ibaraki FCIPS, I.S.P. “We know that the results from this study will help us get more in-depth results on the issues that impact an IT security professional’s job and day-to-day activities. We are glad to be able to work closely with CATA on this initiative and hope to be able to provide members with more results in the near future.”

More information on the report can be found on the CATA site by clicking here.

To obtain this member preferred pricing, please contact Cathi Malette by e-mail requesting a copy of the report and clearly indicating that you are a CIPS member. Proof of CIPS membership may be required.