Irish organisations are making progress in their approach to information security and the professionalism of people working in this area has also improved, the head of the Irish chapter of the ISSA has said.
Speaking to Siliconrepublic.com at the start of the group’s annual conference in Dublin yesterday, Owen O’Connor said: “We’re raising the bar year by year in terms of skill levels and people’s maturity levels.”
“There are a couple of organisations locally who are very focused on metrics and measurement, which is a sign of professionalism. They’re properly measuring and documenting and saying ‘we think this metric drives success in security – we want to improve it by 10pc next year’ … that’s a much better approach than we would have had a few years ago, so hopefully more people will move along.”
O’Connor said he was encouraged by the attention and resources now being allocated to security. “There are a few people here who have regular scheduled time with their board of directors which is phenomenal. You wouldn’t have had that a couple of years ago.” O’Connor said he hoped that a year from now, more companies will have similar reporting procedures in place.
“I think we have vastly better user awareness and user buy-in than we had five or ten years ago. We have seen civil servants fired over security incidents, senior managers losing positions, companies going out of business.”
However he struck a more downbeat note about the wider state of security, saying that the sophistication of threats had “advanced massively” in the past few years.
The Information Systems Security Association (ISSA) is a non-profit professional body for those working in IT security. The Irish chapter’s two-day conference heard presentations on a range of topics ranging from the state of information security to the future of passwords and flaws in chip and PIN security.