Compliance a growing IT concern

Companies are facing growing pressure from regulatory issues and the need to ensure compliance, according to IBM executive.

"There is an increasing stress from the auditing process," said Peter Rajnak, Asean security solutions manager at IBM's Tivoli software division.

In an interview with ZDNet Asia, he explained that while the business and IT divisions used to be audited separately, they are now seen as one single entity. "This moves the accountability of IT to the business side," said Rajnak, noting that this increases the stress and demands on the IT department as it now has to be accountable to more people.

The IBM executive said Asia is seeing an increased emphasis on regulatory compliance, driven primarily by more collaboration between various countries as globalization extends its reach. This makes IT governance and compliance a top priority for companies, he said.

Rajnak added that compliance will remain one of the top two most critical concerns for IT over the next two years, where the other key priority is data protection.

While not new to the industry, compliance regulations are forcing the need for more transparency within the business environment. This, he said, has resulted in the discovery of more security holes--especially in the area of identity management.

According to Rajnak, 90 percent of insider security breaches are caused by employees with privileged access to the network. Of these, he added, 84 percent are classified as "revenge attacks".

"This makes internal network security too costly to ignore," he said.