Piecemeal approach won’t work – Federal government mobile computing planning provides a good example of what will.
Each year, security threats to web applications grow increasingly dangerous, causing many organizations to increase their investments in web application security testing. Beyond the obvious security benefits for organizations, it is also a positive trend that will lead to new market opportunities for application development and application testing product vendors.
NGFW bolsters McAfee “Security Connected” initiative and links network- and host-based security.
An ESG survey of 395 IT professionals at midmarket and enterprise organizations revealed the top security challenges in today’s data centers. This brief identifies the top challenges to running a secure data center, such as keeping up with the constant stream of new threat intelligence, and monitoring network activity in spite of unfortunate blind spots. It examines the underlying causes of these challenges, and concludes with advice for security vendors to help customers cope.
Advanced organizations are most likely to favor network information security over server security.
Hackers are rattling an assortment of web application windows and doors to find a way in.
Hackers growing more creative, attentive, and persistent.
Mobile computing presents an opportunity to get things right if CISOs approach it with the right strategy.
Next Week’s Open Network Summit may signal a new era in networking equipment.
Nearly half of midmarket and enterprise organizations plan to increase their information security spending in 2013, and only a small number of these organizations expect decreased information security budgets this year. In addition to investigating organizations’ plans to spend in areas such as network security, advanced malware detection and prevention, and mobile device security, ESG also considered the impact of the ongoing security skills shortage on organizations’ security initiatives.
In order to assess the market for web application security testing tools and services, including static application security testing (SAST) and dynamic application security testing (DAST) tools, processes, policies, and services, ESG surveyed 200 IT and information security professionals working at midmarket (100 to 999 employees) and enterprise-class (1,000 employees or more) organizations in North America.
Rapid innovation in product intelligence, data sharing, visualization, and useability will separate leaders from posers.
ESG sees big data information security analytics solutions evolving along a continuum.
Does information security analytics qualify as big data? Considering the challenges involved in capturing, processing, storing, searching, sharing, analyzing, and visualizing all of the data that an organization collects from log files, external intelligence feeds, and other sources, this question is clearly answered as many organizations say that security data collection and analysis would be considered big data within their organizations today. ESG defines the term “big data” as follows: In information technology, big data is defined as a collection of data sets so large and complex that it becomes difficult to process using on-hand database management tools or traditional data processing applications.
Purchasing behavior and information security organization focus has broad market implications.
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.
© 2015 by The Enterprise Strategy Group, 20 Asylum Street, Milford, MA 01757 508.482.0188