IT security managers wanting to increase security budgets should establish KPIs, create scorecards and emphasise how security enables device management, according to speakers at a security and continuity conference in Sydney.
Microsoft Australia's chief security officer Peter Watson said security is now being considered as an enabler of technology, specifically with mobile devices, rather than "an expensive means of peace-of-mind".
"One of the biggest [focus] areas of medium to large business is device management and adequate security controls can allow remote devices to be better utilized," Watson said.
He said duplicating Public Key Infrastructure (PKI) authentication on remote devices is one of the best ways to exemplify the benefits of well-designed security.
Watson said business executives can see the value in a strong security infrastructure because they can also see how valuable their data is to the increasingly money-driven hacking industry.
"Rootkits and botnets are being used in combination for application-specific attacks designed to target valuable data," he said, adding that security will become more recognized as these types of breaches increase locally.
IDC's senior analyst Patrik Bihammar said it is unlikely that Australian IT security regulations will mirror those in the US despite the country's condensed, wealthy IT industry being an "easy target".
"Australia is a big target for identity and data theft because we have a small, rich industry that often has [lax] security measures," Bihammar said.
"Local compliance is driven more so by Europe than the US, but we tend to take a best-practice and common-sense approach to avoid the risk of legal problems and [red tape]."
He said the billion-dollar data theft market has driven a surge in security spending by IT departments, set to increase by 65 percent from $850 million to $1.3 billion by 2010.
Bihammar and Intelligent Business Research Services (IBRS) security analyst James Turner said that Microsoft, IBM and Oracle will be among the top five security giants following predicted consolidation in the market.
According to Watson, Microsoft's peculiar partnership with Cisco is designed to offer improved network security by combining Cisco's expertise in network access controls with Microsoft's network access protection offerings.