Regulatory changes lead to renewed focus on compliance

Regulatory compliance will become the biggest business issue affecting enterprise IT over the next 12 to 18 months, according to a new survey from information security professionals association ISACA.

The survey of nearly 2,500 IT, security and audit and assurance managers from 126 countries found that the growing number of regulations and standards are beginning to have a big impact on their roles.

Basel, Frank-Dodd, PII, Do Not Track, Solvency II and HITECH Meaningful Use are just some of the regulations highlighted by ISACA as set to be introduced or updated during this period.

IT management and governance came second in the report's list of priorities, while information security management came third. Within this, a lack of senior management involvement in setting direction for information security was ranked as 'important' or 'very important' by 80 per cent of respondents.

"Occurrences such as WikiLeaks, the Zeus botnet and an overall rise in identity theft show in 2010 that the variety and volume of threats is on the upswing," said Greg Grocholski, ISACA director.

"Security is everyone's business, not just IT's. This area will continue to be a losing battle if organisations don't get top-down commitment."

Other business issues set to affect enterprise IT over the next year and a half, according to the report, include vulnerability management, continuous process improvement, business agility and IT risk management.