Has Mobile Computing Had a Positive Impact on Cybersecurity?

I’ve heard the same story from a multitude of CISOs: “As soon as we agreed to support BYOD and mobile devices, all hell broke loose!” How? All of a sudden there were hundreds or thousands of new devices accessing the corporate network. Many of these devices were employee-owned, unmanaged, and full of questionable applications. What’s more, users were now working on multiple devices and moving sensitive data between Windows PCs, iPads, Android phones, and a slew of online file sharing sites like Box, Dropbox, and iCloud. Holy threat and vulnerability, Batman!

Most enterprise organizations are now way past this early period of mobile security chaos. Yes, there are still plenty of challenges associated with mobile computing security, but did preliminary mobile computing anarchy have any positive impact on information security in the long run? In other words, did the initial mobile computing fire drills actually help CISOs recognize risks and address systemic weaknesses?

Topics: IBM MDM Cisco Information and Risk Management Juniper HP mobile Security and Privacy Security endpoint security Bradford Networks Mobile computing Box Dropbox Aruba Vormetric ForeScout Veracode Great Bay Software NAC

The Web Application Threat Landscape Is Getting Worse

ESG just published a new research report titled, Web Application Testing Tools and Services. The report is comprised of data collected in a survey of 200 North American-based security professionals working at enterprise organizations (i.e., more than 1,000 employees).

Topics: Information and Risk Management Enterprise Software Security and Privacy Veracode Imperva

Software Development: Still Lacking Strong Security

Large organizations are buying next-generation firewalls, advanced malware detection/prevention systems, encryption software, and new types of security analytics tools. On balance, this is a good thing as they add more layers of defense to networks and host computers.

Topics: Microsoft Information and Risk Management Enterprise Software Security and Privacy SANS Veracode software assurance