Inside Dark Networks

The ISACA Silicon Valley Chapter’s Winter conference is in full swing. This year it has been split into two separate tracks (Information Security and IT Governance) on consecutive days.

IT governance is really starting to get interesting in 2008. This is for a number of reasons. With the downturn in the economy, there are two things people are thinking about:

1) How is information security and IT spending my money? The concept of transparency, good management, regulatory compliance and showing value will become critical for most organizations in 2008 and 2009. Most likely this will result in a boom in IT governance.

2) 2008 will likely lead to layoffs and the freezing of InfoSec budgets. The IT targets are most likely the ‘old guard’, i.e. those who do not believe in business alignment and assisting the business grow revenue. This will likely result in many out of work admins, who have a grudge against their old employers, and are armed with network diagrams and root passwords. If they do decide to attack their employers, this may lead to a mandatory SB1386 disclosure, causing huge embarrassment. The good news is this will lead to the unfreezing of InfoSec budgets and an increase in InfoSec hiring and training…..roll on 2008.