IT security managers wanting to increase security budgets should establish KPIs, create scorecards and emphasise how security enables device management, according to speakers at a security and continuity conference in Sydney.
Microsoft Australia's chief security officer Peter Watson says security is now being considered as an enabler of technology, specifically with mobile devices, rather than "an expensive means of peace-of-mind".
"One of the biggest [focus] areas of medium to large business is device management and adequate security controls can allow remote devices to be better utilized," Watson says.
He says duplicating Public Key Infrastructure (PKI) authentication on remote devices is one of the best ways to exemplify the benefits of well-designed security.
Watson says business executives can see the value in a strong security infrastructure because they can also see how valuable their data is to the increasingly money-driven hacking industry.
"Rootkits and botnets are being used in combination for application-specific attacks designed to target valuable data," he says, adding that security will become more recognised as these types of breaches increase locally.
IDC's senior analyst Patrik Bihammar says it is unlikely that Australian IT security regulations will mirror those in the US despite the country's condensed, wealthy IT industry being an "easy target".
"Australia is a big target for identity and data theft because we have a small, rich industry that often has [lax] security measures," Bihammar says.
"Local compliance is driven more so by Europe than the US, but we tend to take a best-practice and common-sense approach to avoid the risk of legal problems and [red tape]."
He says the billion-dollar data theft market has driven a surge in security spending by IT departments, set to increase by 65 percent from A$850 million (US$709 million) to $1.3 billion by 2010.
Bihammar and Intelligent Business Research Services (IBRS) security analyst James Turner says that Microsoft, IBM and Oracle will be among the top five security giants following predicted consolidation in the market.
According to Watson, Microsoft's peculiar partnership with Cisco is designed to offer improved network security by combining Cisco's expertise in network access controls with Microsoft's network access protection offerings.