Cyber Security Institute
§ Current Worries
Top 3 Worries
- Regulations
- Old Firewall Configurations
- Security Awareness
§ Listening
For the best information
- The underground
- Audible
- Executive Excellence
- Music (to keep me sane)
§ Watching
For early warnings
- 150 Security Websites
- AP Newsfeeds
- Vendors
Monday, September 18, 2006
Gartner: Security costs fall with good policies
Think in terms of threats, not regulations, analysts counsel. Enterprises will increasingly face skilled IT criminals trying to infiltrate corporate networks for sensitive data stored in databases, but adopting new policies to evaluate risk should help drive the cost of defense down, computer security analysts said. But many corporations are creating security policies based on government regulations rather than threats. The result is policies that meet the auditors’ requirements but aren’t necessarily best for the overall security, said Jay Heiser, Gartner research vice president.
Rather than trying to anticipate a new regulation, it’s better for companies to treat regulation as one more factor in an overall risk portfolio, Heiser said.
From its latest data, Gartner expects information security budgets to increase 4.5 percent over the next year.
Wheatman said companies have shown success in negotiations with security vendors in getting, for example, antispyware included with antispam and antivirus software instead of paying extra. Antivirus software represented 54.3 percent of the revenue, at $4 billion.