The move to web services is throwing up a whole new set of security headaches.

Speaking during a keynote presentation at InfoSecurity Europe Stuart Okin, a partner at Accenture and former Microsoft head of security, warned delegates that web services were the final nail in the coffin of perimeter security being enough to protect enterprises.

"We know we are moving forward to a web services world. This means that component parts of business critical applications will be running outside the perimeter on the internet," he said.

"Applications are being split and will be used across the internet in the same way we use a local area network today."

Okin also released details of an ongoing survey of chief information officers around the world. He praised security companies for good communication with CIOs, but warned that the message is still not getting through at board level.

Most CIOs indicated that, while security figured highly in their plans, other concerns came first. Server consolidation was the main IT project planned for those questioned, followed by standardising employee computing. Security was only fifth on the list.

The funding situation was also hurt by the requirements of government. On average 25 per cent of the CIO's IT budget was being spent on compliance issues, principally Sarbanes-Oxley.