Enterprise security decision makers have long been more likely to be swayed by flashy new technologies than by the notion of comprehensive IT restructuring to protect data and other corporate assets, but the situation is evolving rapidly, according to experts participating in Forrester Research's ongoing Security Forum.
Kicking off in Atlanta on Sept. 5, the two-day event will bring together a number of influential IT security consultants and researchers along with a range of vendors and end-users to debate pressing issues impacting enterprise businesses today.
Whereas such technology meetings, including Forrester's inaugural 2006 security confab, have historically focused more on the acquisition of new technologies or the latest trends in malware, companies are finally beginning to spend less time on investigating individual attacks and defense mechanisms and more closely examining the idea of broad-ranging risk management, show organizers said.
"There isn't any hot new technology being pitched at us these days. The process is less about shiny widgets than it is about cohesive programs that combine security and risk management," said Laura Koetzle, the Forrester analyst charged with pulling the event together.
"For a long time, the power in the security industry has been in the hands of the technology providers," she said. "But as enterprise security programs are maturing, we're seeing a shift to more coherent strategies that emphasizes specific business needs."
Koetzle said that the annual conference will have its fair share of security research reports on emerging threats -- including the latest on messaging security trends from specialists with Postini -- but the analyst highlighted increasing sophistication of the planned discussions, which focus on how companies can work with their customers and business partners to take a more organic approach to security.
"Many people growing up in the security discipline have seen a lot over the last few years, and now they're focused on working with business partners both inside and outside of their firms to get a more holistic view of what they want to accomplish, versus blocking viruses and filtering," said Koetzle.
"Today, security folks are much less likely to be a guy in a black hat in charge of some esoteric technology whom you never see, it's more about people who coordinate management strategy for companies and ensure that they have the right skills and partners in place," she said.
The Forrester analyst contends that security professionals are also no longer forced to fight for attention among the ranks of IT with c-level corporate leaders having woken up to the fact that their companies' operations and reputations can be severely affected by data breaches and security gaffes.
Among the scheduled speakers at the show will be representatives from IT vendors including Dell, Texas Instruments, and VeriSign, but Forester has also corralled customers from the financial services and healthcare industries to share their latest experiences.
Along with a slew of Forrester's own experts, academic researchers from Johns Hopkins University and Purdue University are also slated to speak at the show.
Representing Johns Hopkins will be Dr. Aviel Rubin, director of the school's Information Security Institute and a well-known expert regarding e-voting technologies and many of the issues that loom with the continued adoption of the systems.