IT and cybersecurity people should resolve to gear up for accelerated change and complexity in 2014, especially in cybersecurity, data privacy and big data, says global nonprofit IT association ISACA.
Bhavesh Bhagat, CISM, CGEIT, CEO of EnCrisp, cofounder of Confident Governance and member of ISACAโs new Emerging Business and Technology Committee, said: โThe pace of change expected in 2014 will put incredible pressure on technology professionals in the workplace with a focus on keeping IT risk in check while at the same time delivering value to the business. But this is also a chance for the IT department to be a strategic partner with the business on navigating these issues and opportunities.”
Tech resolutions
ISACA suggests the following five resolutions to help IT professionals get ready for 2014:
ยท Prepare for Privacy 2.0โAttitudes toward data privacy are unlikely to reach a consensus in 2014. Instead, be prepared to accommodate both those with little expectation of privacy and those who view their personal data as currency and want to control how that currency is spent.
ยท Slim down big dataโExplosive data volumes were the #1 issue (chosen by more than one in four respondents) posed by big data in ISACAโs 2013 IT Risk/Reward Barometer. Unmanageable data creates redundancies and is difficult to secure. In 2014, eliminate the excess and consolidate what remains, to promote sharing and protect using better controls.
ยท Plan to compete for cybersecurity and data analytics expertsโThe need for smart analytics people and cybersecurity defenders with the right certifications is only going to grow in 2014โthe year of the data professional. If you plan to hire, make sure your compensation package and job descriptions are competitive.
ยท Rethink how your enterprise is using your information security expertsโWith some elements of IT security operational responsibility (including malware detection, event analysis and control operation) increasingly being outsourced to cloud providers, smart leaders are enabling their internal security experts to become hunters instead of just defenders. This allows them to proactively seek out the most hard-to-detect threats, build internal intelligence capabilities (e.g., โthreat intelligenceโ), construct better metrics and invest in operational risk analysis.
ยท Ramp up for the Internet of even more ThingsโWith 50 billion devices expected to be connected to the Internet by 2020,* start working now on a policy governing connected devicesโmany invisible to the end userโif your enterprise doesnโt have one now.
ISACA provides guidanceโmuch of it free of chargeโto help business and IT:
ยท COBIT 5 framework for the governance and management of information and technology
ยท Cybersecurity resources
ยท Privacy and big data resources
ยท Certifications such as Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC).
