Since the rise of the mainframe, security has been a constant focus of attention to technology executives. It is also true that over time, this subject has evolved considerably: the areas of concern have changed, policies have become more complex and rigid. Even the budgets for the subject grew. But the issue remains high on the list of priorities of the public.
Corporate investments in security projects in 2005 totaled 1.1 billion dollars. The following year, Forrester Research released a study stating that this number should reach the mark of 11.2 billion dollars by 2008 in the United States and Europe. But the market for security software moved about 13.47 billion dollars in 2010.
There is a little over 10 years, CIOs around the world were concerned about the integrity of the software used. At that time, the versions available were full of faults. Vendors scrambled to launch as soon as possible, a more current version and conquer "new" Internet users. With all the rush, many service packs were released, which opened security holes and left unprotected firms.
As of September 11, attention turned to business continuity. It was not enough to save more in the house important data, because it was perceived that the protection of information was not only a problem in the IT area. Ernst & Young conducted a survey in 2002 showed that more than 75% of American companies had experienced unexpected outages and more than 50% of them recognized the importance of information security. The fall of the Twin Towers came to the attention of executives at technology plans for disaster recovery services and business continuity. Many projects left the drawing board. It was at this time became popular terms that now seem commonplace, such as data redundancy, mirroring servers, high availability, down time and disaster recovery, among others.
But as the area of IT is not the opposite of static in the following year, executives have had to worry about another issue: the approval in the United States, the law aimed at greater transparency in management. These new e-governance services practices have changed the status of IT, which has become an area of support to establish as a pillar to the business strategies of organizations. The responsibility has grown exponentially.
Then the market takes another innovation: mobility. But like every great advance in the technology sector has been accompanied by new threats, along with increased employee productivity, also began the "transport" of information outside of the protected infrastructure of the company. Since the advent of Web 2.0, or collaborative web, while enabling a better integration with partners and suppliers, giving rise to leakage of contents and negative exposure to the corporate social networks.
So many changes, within little more than 10 years, required much technical knowledge and high investment in training of professionals. Besides, of course, the tools consist of software and hardware to ensure data security more strategic. Gartner predicts that by the end of 2010, investments in software will increase 4%, while the funding of services will grow 3%, surpassing all other spending. Still, forecasts index less than 15% of the total IT budget indicated to ensure the security of a company.
Where is the threat in the future? Where should resources be invested? Who does not want to risk, may decide to outsource. Besides lower costs, SLAs (Service Level Agreements) ensure the creation and especially tracking metrics. The contract also allows the monitoring and prevention of threats, support full-time professionally trained and updated, among other advantages.
Regardless of what comes around, information security should be ready to help companies meet these constantly changing scenarios.