Security experts need to “put the ‘I’ back into Information Technology,” according to Francis deSouza, president of Symantec’s enterprise product, services and support group, who was commenting on his company’s recent survey.
The 2012 State of Information Survey conducted by Symantec measured IT-related attitudes and strategies among roughly 4,500 respondents in 38 countries in an information management industry worth more than a trillion dollars worldwide.
“The focus in IT for the last couple of decades has been around the technology and the infrastructure in the enterprise,” deSouza told CRN. “But now we’re at the stage where we have to be more focused on how the information moves rather than on the underlying infrastructure itself. You have to protect the information as much as you protect the infrastructure; otherwise, you are exposing yourself to loss.”
According to the report, information constitutes 49 percent of the value of the respondents’ companies. Nearly 70 percent of the responding companies lost important information in the last 12 months, and the same number had inadvertently exposed sensitive information within the last year. The report also said that most companies spend roughly $3,500 per employee to manage information on an annual basis.
While these statistics measure information management overall, one of the key subsets is about the management of security.
“I think companies are spending enough, but I think they need to look at spending it differently,” deSouza said. “Historically, security has been thought of as an application of a bunch of different point categories and point products. There are literally dozens of categories, but a growing number of attacks are targeting the seams between products. So, what you need is a smaller set of more powerful products. And, I think that type of consolidation also frees up the budgets and allows companies to invest in the next generation of technologies.”
Thus, rather than focusing on anti-spam and anti-virus, he recommends that partners focus their sales efforts on DLP, encryption and other technologies that are driving important discussions in the information security field. In addition, there needs to be acceptance of the fact that not all information is of equal value. Accordingly, he says, information needs to be ranked by importance, with the most important assets getting the most protection.
NEXT: The Upside Of Security