Category: Trends

The trend in the last four years saw the number of infections increase slightly after the first quarter, then decrease to lower levels in the last quarter.

But this quarter’s 10,248,989 infections is a big leap from the last quarter and this number is expected to increase in the next two quarters.

North America, which is the home to many large and prominent industries, remains as the favourite target of Malware authors in the past quarters. This may be due to the new trend of Malware slanting on profit more than destructiveness, it said.

http://www.zeenews.com/znnew/articles.asp?aid=229353&ssid=29&sid=env

The study, conducted by Infonetics Research, is based on interviews with network managers from small, medium and large organizations for five markets.

The study revealed the following findings: Security remains top concern when implementing VPNs, rated a barrier by over 33 percent of the respondents, most respondents keep VPN products in use for 2-4 years across, total penetration of SSL VPN for remote access if fairly high, with 39 percent of remote access respondents using it now, 14 percent use fully managed VPN services and the money is spread across a wide range of providers.

“VPN and firewall appliances are the most popular devices for deploying VPNs across size groups and verticals, followed by router-based products,” said Jeff Wilson, principal analyst for VPNs and security at Infonetics Research. All VPN/firewall appliances are folding in additional security technologies, and the line between VPN/firewall devices and integrated security appliances is rapidly disappearing.”

http://www.ebcvg.com/articles.php?id=763

A recent survey results, conducted by Proofpoint, indicate the rising prominence of outbound email as a source of risk for corporations.

The survey found that more than 63% of US corporations with 1,000 or more employees either employ or plan to employ staff to read or otherwise analyze outbound email, 36% of US companies employ staff to monitor email today with another 26.5% saying they intend to employ such staff in the future.

In the largest companies (those with more than 20,000 employees) this practice is even more common – 40% employ staff to monitor email today and an additional 32% plan to employ such staff in the future.

UK companies are just as likely to be losing valuable intellectual property via email, potentially running afoul of privacy and data protection regulations and opening themselves up to costly litigation due to ageist, racist or sexist email content. Fortunately, “big brother” tactics aren’t required to keep outbound email under control. By putting the right technology, policies and processes in place companies can greatly reduce the financial, legal and regulatory risks related to outbound email without resorting to reading employee email, “said Gary Steele, CEO of Proofpoint Inc.

http://www.ebcvg.com/articles.php?id=755

By extending security to the Internet cloud, denial-of-service attacks, for example, never reach the gateway.

“We would take what an MSSP does and mesh that with our infrastructure so that the service provider and carrier becomes one,” said AT&T CISO Ed Amoroso.

CISOs, meanwhile, will still have network responsibilities like setting policy and aligning policy with an enterprise business model. They’ll be alleviated of costly signature updates and license renewals.

“Carriers and ISPs will provides these services for you,” Gartner research director John Pescatore said.

Gartner research director Greg Young identified seven selection criteria IT managers should use when purchasing an IPS.

“I could see some [savings] with these services, but they’d have to be secure by definition,” said Neil Delaney, IT infrastructure manager with NJ Manufacturers of New Jersey. “The SLA with the carrier would have to say no DoS attacks, no scanning, no RPC viruses getting through. And let’s say I push all this to the cloud, does that mean I don’t have a firewall on my side anymore?”

In the meantime, Gartner cautions that it may be more crucial than ever to establish secure zones between IT systems and the Internet.

Attacks are maturing beyond broad-based worms, and now target specific applications and business processes putting additional perimeter pressure on managers to deploy tools like next-generation firewalls that combine IPS and a Web application firewall, in addition to traditional IDS and IPS defenses. “You’re not going to see mass signatures that protect anymore,” Pescatore said.

Next generation firewalls that do deep-packet inspections from vendors like Juniper Networks, Check Point and Fortinet employ a heuristics engine and allow all network traffic and behavior, except those which policy says it must block.

http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1095562,00.html

“We have two years of pretty nasty innovation coming from wrong side,” said Dave Anderson, president and CEO of Sendmail Inc. “That may be good from a business perspective for us, but it’s bad from the perspective of our customers.”

While threats may still be real, the market for e-mail security also has turned from a seller’s market to more of a buyer’s market as the first wave of customers have already installed technology such as anti-spam software, said Peter Christy, a principal at market researcher Internet Research Group.

The e-mail security and management market also appears headed toward more consolidation as bigger vendors such as Symantec Corp. and Microsoft Corp. have more aggressively pursued the market and as areas such as anti-virus protection and spam-fight have become more common, panelist said.

As e-mail and other messaging technologies such as instant messaging are accessed more regularly on mobile devices, security threats will follow as well, Anderson said.

http://www.eweek.com/article2/0,1759,1823283,00.asp?kc=EWRSS03119TX1K0000594

Luckily for financial services, one of the most heavily regulated industries, IT vendors are providing a competitive array of compliance solutions.

IT’s role in compliance is growing because regulation increasingly requires that business activities be monitored, audited, and scrutinised; this translates to the storage and retention of vast amounts of data — and only technology can handle that load. “The nature of IT’s role in compliance varies widely among companies, but it’s clear that growing regulatory requirements are giving IT specialists in companies a lot more work and bringing them into contact with different corporate departments,” says Nigel Holloway, director of executive services for the Americas at the Economist Intelligence Unit in New York.

However, just because technology can assist with compliance, does not mean that it comes cheap. And this is making for a further imperative: spending on compliance must be linked to the investment in wider business goals. For many, this is likely to be the only way they can justify the expenditure compliance necessitates.

According to the EIU, over half of the executives they spoke to said that the annual expenditure in this area of IT is expanding by over 10 percent a year.

http://insight.zdnet.co.uk/business/legal/0,39020487,39200378,00.htm