Overview: 

It’s been a long time coming, but the indications are that security and information protection are finally within spitting distance of getting the mindshare they merit, based on the only metric that really matters: Cash on the barrelhead.

In volume 1 of our ground-breaking benchmark, "Security and Information Protection: Trends and Organizational Issues", we highlight the acceleration in spending on security and information protection, discuss critical drivers, and drill down into the organizational and operational impacts. Security budgets have grown another 20% since our last benchmark (in 2005), and indications are that double-digit growth will continue through 2008 and beyond. Moreover, that growth is increasingly shifting away from consultants and staff and toward products and services—good news for vendors and providers. Security organizations are evolving as well, with the most significant trend being the shift in focus from “chief security officer” to “chief risk mitigation officer,” mirroring the overall organizational shift in focus from security to risk mitigation. In line with this shift, security teams are picking up responsibility for areas they don’t historically support (such as business continuance and facilities) but which, if not well managed, can increase an organization’s risk. And security remains a great career path: along with this increased responsibility comes a welcome (and sustained) increase in salary.

By Andreas M. Antonopoulos, SVP and Founding Partner, Nemertes Research, Feb. 22, 2007

The announcement on Feb. 21 that Cisco Systems (NASDAQ:CSCO) plans to purchase privately-owned XML-appliance vendor, Reactivity, spotlights the increasing importance of XML as an application integration protocol and the need for application-level security and management tools in the network.

Reactivity makes appliances that accelerate the adoption of XML Web services and SOA software development by helping to deploy, control and manage XML application interfaces and data streams. The acquisition complements Cisco's Application-Oriented Networking offerings and strengthens its security portfolio.