ISACA has shared three of the trends expected to dominate the IT landscape in 2012: Big Data; the consumerisation of information technology (aka BYOD or Bring Your Own Device) and the growing dominance of mobile devices.
The global non-profit IT association also offered recommendations for managing those trends.
Big Data describes not only the extremely large volumes of information being collected by enterprises in an increasingly connected world, but also their diverse sources, including social networks, sensor networks, customer chat sessions and more.
“Big Data is going to evolve out of its ‘shiny new object’ status in 2012. IT leaders will need to figure out how to coax order out of the chaos from all those zeroes and ones, as well as optimize return on investment and manage data privacy,” said Ken Vander Wal, CISA, CPA, international president of ISACA.
According to the complimentary ISACA white paper Data Analytics – A Practical Approach (www.isaca.org/data-analytics), enterprises should aim for early success by using analytics across many projects for greater insight, performing ad hoc analysis to support key areas of risk, and defining measures of success along the way.
The consumerisation of IT, marked by the invasion of employee-owned smartphones and tablet devices into the workplace, is predicted to be another major trend in 2012. Employees who use their own devices for work functions gain flexibility and can be more productive, but those devices are typically more difficult for IT to secure and manage.
“Bring Your Own Device is a fast-moving train. IT departments have to jump on it or risk getting left at the station,” said Robert Stroud, CGEIT, CRISC, past international vice president of ISACA and vice president, Innovation and Strategy, CA Technologies.
“Organisations that embrace the BYOD trend need to consider a two-pronged approach to security by focusing on both the device and the data it can access… IT will need to answer questions such as, ‘Who is accessing corporate information, when and from what device? Is the device trustworthy?’” said Stroud.
Growth In Mobile
One of most prominent elements in the 2012 security landscape will be the increasing growth of mobile devices, including everything from smartphones and tablet computers to laptops and USB memory sticks.
“2012 will see a sharp increase in attacks targeted at mobile devices, either to exploit them or use them as an access point to corporate networks,” said John Pironti, CISM, CRISC, CISSP, security advisor, ISACA, and president, IP Architects.
ISACA advises that information security managers need to create an easily understood and executable policy that protects against the data leakage and malware – and then communicate it. In ISACA’s recent BYOD survey of 1,224 US consumers, 16 percent of respondents say their organization does not have a policy prohibiting or limiting personal activities on work devices, and another 20 percent do not know if one exists.
Setting and communicating policies are central to effective governance of enterprise IT (GEIT), which is a priority with most enterprises, according to the fourth Global Status Report on GEIT – 2011 by ISACA’s research affiliate, the IT Governance Institute (ITGI). Only five per cent of business executives and heads of information technology surveyed indicated that they do not consider it important, and two-thirds of enterprises have some GEIT activities in place. However, the survey uncovered opportunity for IT leaders to be more proactive, especially in striking a balance between innovation projects and “run the business” tasks.