Author: admini

“Companies are finding that the frequency and sophistication of threats is out of control for them to handle internally and they’re looking for service providers with competency to be able to handle that for them,” Kark said.

In the recent Forrester report: “Market Overview: Managed Security Services,” Kark lays out ways the broad industry is shaping out and what companies should look for in a service provider. To do that, companies need to evaluate a number of different kinds of MSSPs, from telecommunications providers that bundle security with their services, to value-added resellers and system integrators that provide a mixture of services.

Robert T. Ferrilli, president and CEO of the Ferrilli Information Group, turned over nearly all his systems to managed service providers when the company’s Exchange server went down unexpectedly while he was on a business trip. The firm, which provides business applications for universities and colleges, has a team of 20 developers spread out across the United States.

Many firms have a suite of services and are happy to sell everything they offer, but enterprises with a solid set of priorities of what they want to gain from a MSSP will be able to better evaluate what partner is right for them, Kark said. Instead of just gaining Web filtering or email protection, enterprises are seeking guidance from their MSSPs on security related issues, forcing some firms to invest in creating consulting services divisions. According to Kark, content security in the form of email and Web content filtering still has the most market penetration, but other technologies are quickly gaining ground.

Companies are outsourcing log management and event correlation and analysis services as well as distributed denial-of-service (DDoS) protection services. The growth of cloud computing, with more company data spread out beyond the company walls, has forced some firms to seek out specialized security providers.

http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1508261,00.html?track=sy160&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+techtarget%2FSearchsecurity%2FSecurityWire+%28SearchSecurity+%3A+Security+Wire+Daily+News%29

For instance, decision makers should identify which information is the most valuable.

Another smart move would be to “create a ‘risk register’ of data security risks [that] divides the risks your firm faces into two categories: compliance risks and misuse of secrets.”

The survey, which was carried out in November and December, polled 163 U.S.-based companies and 102 European companies, as well as 40 based in Australia and New Zealand.

http://www.esecurityplanet.com/trends/article.php/3874791/Microsoft-Cyber-Security-Survey-Finds-Businesses-Most-Valuable-Data-at-Risk.htm

The survey found most security spending is driven by compliance initiatives, which focuses on protecting less valuable custodial data in the form of customer personally identifiable information and credit card numbers.

The data makes up a smaller proportion of a company’s assets, about 38%, while 62% of valuable enterprise assets typically make up corporate secrets.

“Catastrophic toxic data spills are dramatic and expensive, and they garner the most headlines…But for most enterprises, secrets are more valuable than custodial data,” according to the Forrester report, “The value of corporate secrets.”

Firms in the manufacturing, information services, professional, scientific and technical services and transportation accrue between 70% and 80% of their information portfolio value from corporate secrets. The survey found the average cost for lost smartphone incidents was about $12,000 per incident, while lost laptops and accidental leakages cost $26,000 per incident.

http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1508039,00.html?track=sy160&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+techtarget%2FSearchsecurity%2FSecurityWire+%28SearchSecurity+%3A+Security+Wire+Daily+News%29