As expected, the survey was focused on security. I was hoping to find some interesting data points that fell into the twilight zone at the crossroads of storage and security -- but something else caught my attention.

The survey kept a separate tally for answers given by "researchers" and another given by "IT or other managers" attending Black Hat. It's a simplification, but I like to think of the first group as security providers and the second group as security users.

There was a telling divide between concerning which security aspects each group considered important. You can view the survey slides here (http://weblog.infoworld.com/thestoragenetwork/archives/BlackHat%202006%20SurveySummary.ppt).

In essence, IT managers were asked in which area they felt more vulnerable, while researchers where asked about which area they were going to research. The two questions seem complementary, like the two sides of the same coin. Nevertheless, the groups' respective answers contrasted sharply. According to the survey, 32 percent of IT managers' vulnerability concerns involve databases, backup systems, and management software (Slide 6 of the survey PowerPoint file). Move to Slide 8, and you will see that only 22 percent of researchers express some interest for that category. The researchers' preference -- at a resonating 46 percent -- is for researching security for operating systems.

Could this difference between security providers and users be the reason why so many companies have egg on their face after losing unsecured media or laptops? Or is the IT managers' concern driven by the threat of embarrassing headlines? Perhaps Symantec and other providers should take a hard look at those two slides and try to reconcile the diverging expectations