Make security part of company's DNA
SINGAPORE--Companies in Asia need to view information security as a business differentiator in order to gain competitive advantage over their peers, industry experts said at a security conference last week.
Speaking at Frost & Sullivan's recent Secure Enterprise Summit 2007, held in the island-state, Ray Stanton, global head of business continuity, security and governance practice at BT, pointed out that security needs to be "part of the DNA of a company", just like healthcare and safety standards or human resources currently are.
Stanton noted that network convergence is a reality in the enterprise world today, and security is the "key enabling technology" for many aspects of this business environment.
BT has identified security as "strategic" to the business, he told ZDNet Asia on the sidelines of the conference. He added that managed security services, business continuity and identity management are areas that BT will continue to invest in and expect to see "double-digit growth" this year.
The telecommunications player last October announced it acquired Counterpane Internet Security to boost its managed security services portfolio.
Ron Moritz, vice president and chief security strategist of CA, said businesses in Asia need to move further along the security adoption curve.
They must now recognize that security can be used to deliver new goods and services "through the distribution of information and data stored in the enterprise repositories", Moritz told ZDNet Asia. This would create new business opportunities and provide companies with a competitive advantage, he added.
He noted that this concept has achieved some degree of maturity in the United States and Europe, but not many businesses in Asia have subscribed to the idea yet. He observed that executives in the Asia-Pacific region still consider security as a piece of technology "and not a part of the business solution".
Frost & Sullivan's Manoj Menon, partner at consulting company, reported that spending in the region is "still focused on traditional security" such as firewalls and virtual private networks. However, he expects to see spending in relatively newer areas such as intrusion prevention systems and managed security services, to increase in future.