IT professionals must prepare for a year of accelerated change and complexity as 2014 gears up to place increasing pressure on cybersecurity, data privacy, and Big Data, according to ISACA.
ISACA, formerly known as the Information Systems Audit and Control Association, is a global not-for-profit IT association which offers membership, guidance and certification in information governance, control, security, and audit professionals.
According to the organisation, there are five resolutions which will enable IT professionals to sufficiently prepare for the year ahead.
With attitudes towards data privacy unlikely to reach consensus in 2014, the organisation claims the first is readiness for ‘Privacy 2.0’ to accommodate both those with little expectation of privacy, and those who view personal data as currency, and demand control on the manner in which it is spent.
Explosive data volumes was the top issue posed by Big Data in ISACA’s 2013 IT Risk and Rewards Barometer. Slimming down on Big Data is therefore the second resolution as unmanageable volumes create redundancies and prove difficult to secure. ISACA recommends eliminating the excess and consolidating what remains through 2014 to promote sharing and protect using better controls.
The organisation’s third point concerns creating a plan to compete for cybersecurity and data analytics experts as it predicts the need for smart analytics personnel and cybersecurity defenders with the right certifications will grow in 2014, marking what it calls “the year of the data professional.” Hiring should consider compensation packages and competitive job descriptions.
ISACA also advises a rethink of how the enterprise is utilising information security experts as the outsourcing outsourcing of some elements of IT security operational responsibility to Cloud providers is enabling internal security experts to become ‘hunters’ rather than ‘defenders’. This enables them to seek out the harder-to-detect threats, build internal intelligence capabilities, construct better metrics, and invest in operational risk analysis.
ISACA’s last resolution is ramping up for what it calls the “Internet of even more things” on the back of the Cisco prediction that 50 billion devices are expected to be connected to the Internet by 2020. This involves developing a policy governing connected devices if not already in place.
ISACA member, Bhavesh Bhagat (who is also chief executive officer of EnCrisp and co-founder of Confident Governance), claims 2014 will see technology professionals juggling IT risk and delivering business value, while simultaneously providing IT departments with the opportunity to become strategic partners with the business on navigating these issues.
