Sitewide
RSS Feed:
FUD sells security, doesn't it?
 |
By: Michael Warrilow, Director, Hydrasight Published: 20th November 2007 Copyright Hydrasight © 2007 |
 |
- This is not your grandparent's Symantec
- Windows Server 2008 is here (and stuck between the big iron and a hypervisor)
- Don't believe the (virtualisation) FUD
- Virtualisation in 2008
- Pay IT forward (or hello to the $100 laptop)
- HP Software to acquire Opsware, and makes a loud cloud of smoke in the process
Delicious
Digg
reddit
Facebook
StumbleUponHydrasight has previously noted that it believes the enterprise security landscape will change significantly by 2009. Moreover, we stated that the vast majority of organisations will be unprepared to defend against an increasingly sophisticated blend of security threats by this time.
While I don't want to prejudice your thoughts, because I want your unbiased input, our current research is showing some interesting results. The vast majority of the organisations we're in contact with are feeling comfortable with the state of their external defences at present. Many consider themselves to be at least somewhat mature, or better, in terms of incident (i.e., attack) response, IT risk management and regulatory compliance.
This is a good thing... I hope (assuming they're not in collective denial).
The risk moving forward will, of course, be to remain vigilant and to not become complacent. Successful denial of service (DoS) attacks and/or unauthorised penetration appears low—or so well hidden that it would have to border on conspiracy if it were slipping below the IT radar so successfully. I do know several off-the-record examples of the former, mind you, among some of the largest organisations in AsiaPac... undertaken for profit and political activism.
So, as my title alludes, what's happened to security's drawcard of fear, uncertainty and doubt?
Along with the risk of complacency, and in the absence of a strong 'motivator' (e.g., compliance), there's a risk that overconfidence will lead to falling business interest in IT security. Tempering that, many now describe their overall enterprise security environment to me as 'sound' and 'aware' yet also 'growing more complicated'.
It would seem, overall, that we're maturing.
Click on this link to let me know what you think. If you give me five minutes then I'll commit to share the summary results with you.
PS - Curiously, and just so you don't get anxious, there remains quite a lot of planned activity in regard to what most would consider to be basic elements of infrastructure / application security (e.g., wireless, identity). As with all things, each matures at their own rate.
Reader Comments
We are no longer accepting comments against this item. We suggest contacting the author directly.