A surprise or not? Reporting from The Register, and based on a study carried out by the IDC that the most important factors in security systems were
"management support of security policies; users
following security policy; qualified security staff; software solutions
and hardware solutions"
According to the study
more than 40 percent of information security
budgets is spent on personnel, education and training, up around 5 per
cent on previous years. Information security risk management is seen as
a particular training priority.
It is becoming apparent that many of the security consultancy companies are now beginning to focus more on services relating to risk management, in conjunction with the bread and butter of selling software and hardware kit.
The survey was sponsored by (ISC)2