RSA CISO Eddie Schwartz says he spends more time talking to other chief information security officers and IT security practitioners today than he did a decade ago, when he held the same job at Nationwide Insurance Co.
Acquiring information security wares gets more complicated every day - some 1,000 vendors offer 150 categories of products - so it's unreasonable to expect even the most informed chief information security officers to know everything about them.
Local and state governments improving their cyberthreat awareness could be the main benefit from a new program designed to help them save money in acquiring IT security products and services, says Center for Internet Security Chief Executive William Pelgrin.
Gartner's Tom Scholtz doesn't see a shortage of technically skilled IT security practitioners. But he perceives a dearth of infosec pros who truly understand how security links to an enterprise's business goals.
Gartner's Peter Firstbrook, to illustrate the vulnerability of IT systems, cites research that pegs at about 400 days the average time a targeted virus remains undetected on a computer. And, he says, that doesn't speak highly of the current offerings from security vendors.