When it comes to security, technology isn’t necessary the only solution — especially when the people using the technology are part of the security problem.
That’s the key message coming from networking giant Cisco (NYSE:CSCO). Cisco’s assertion comes as it reveals that security spending could well be on the rise in 2008.
According to results from a Cisco sponsored study, 62 percent of global IT decision makers plan to increase security spending within the next year, with
27 percent planning to spend by more than 10 percent.
In the U.S., the numbers are a little lower, with 53 percent reporting they expect to spend more on security and 27 percent reporting they would be spending more than 10 percent.
Research firm InsightExpress conducted the study and involved more than 2,000 IT professionals in 10 countries (United States, United Kingdom, France, Germany, Italy, Japan, China, India, Australia, and Brazil).
The spending study is the second part of a Cisco study on the habits of remote
workers. That survey showed that, while workers may feel safe, their activities online actually can put their environment at risk.
Cisco thinks some of IT’s security spend should be addressing human behavior.
“One of the things I see people spending money on that they haven’t before is they realize they need to create the ‘Human Firewall,'” Patrick Grey, senior security strategist at Cisco, told InternetNews.com. “That’s the person who is sitting in an IT environment that is the last line of defense, that person with a mouse in their hand.”
So what does the world’s biggest networking vendor think that IT should do about the human problem? For one, Cisco’s executives believe that the solution doesn’t rest entirely with technology.
Cisco’s Chief Security Officer John Stewart argued on a Webcast discussing the study results that IT organizations need to teach IT users how to protect themselves in ways that technology alone cannot. Stewart noted that users still click on e-mail from unknown sources and users still hop onto unknown Wi-Fi access points.