infosec4all.com

Not really the latest news, but I’m sure that 2007 report will not differ significantly. Ernst & Young’s Global Information Security Survey for 2006 shows growing importance of information security. Senior executives are starting to recognize the role of infosec in risk management. There are some positive developments on standards recognition.

The report also indicates 12 major trends:

Integrating Information Security with the Organization
Trend 1: Information risk management is becoming integrated into overall risk management.
Trend 2: Information security is now more integrated in companies’ cultures.
Trend 3: The information security function is now more integrated in outsourcing discussions.

Extending the Impact of Compliance
Trend 4: The impact of compliance continues to grow.
Trend 5: Compliance is promoting teaming between information security and other functional business groups.
Trend 6: Compliance is improving information security.

Managing the Risks of Third Party Relationships
Trend 7: Companies are managing their suppliers’ vendor-related risks.
Trend 8: Suppliers are managing their own vendor-related risks.

Focusing on Privacy and Personal Data Protection
Trend 9: There is an increasing focus on proactive privacy and personal data protection.
Trend 10: Privacy and personal data protection practices are becoming increasingly formalized.

Designing and Building Information Security
Trend 11: Information security is becoming more proactive in meeting business objectives and business continuity planning.
Trend 12: Information security is increasingly adopting recognized standards.