Latest News: Technology |  Celebrity |  Movies |  Apple |  Cars |  Business |  Sports |  TV Shows |  Geek

Trending

Filed under: News | Technology News

 

Security Statistics Show That We Need To Reinvent Enterprise IT

Mar 4 2014, 1:26pm CST | by

1 Updates
Security Statistics Show That We Need To Reinvent Enterprise IT
 
 

YouTube Videos Comments

Full Story

Security Statistics Show That We Need To Reinvent Enterprise IT

Often the conversation about the security of technology systems is parsed in terms that suggest the biggest risk vector comes from small organizations without the IT budget to ensure good security. However recent high profile breaches from the likes of Target and Neiman Marcus has called this perspective into question. New research from security rating vendor BitSight would seem to back up the perception that larger companies in fact pose a real security risk.

BitSight has put together a report detailing the security effectiveness of different companies. Their approach is to create something analogous to a credit score, that analyzes the entire security situation and rates organizations based on externally observable security incidents – botnets, spam, malware, unsolicited communication, DDoS, system configuration, etc. BitSight ran the report across 460 of the S&P 500 (excluding the telcos) and high level findings include:

  • During 2013, at any given time, between 68% and 82% of the S&P 500 companies had been compromised with an externally observable event
  • Only 18% of companies had strong SSL certificates, the remainder sent data across the Internet without proper encryption
  • Only 24% of companies had strong SPF records that could prevent email spoofing… these are some of the largest companies in the US!

So what is going on here? Are the attacks becoming more sophisticated or are large organizations really dropping the ball on this? Well another survey, this time by Trustwave, would seem to indicate that it’s very much the latter. Trustwave surveyed 800 IT professionals and looked at the top security pressures they face. It tried to differentiate between external pressures (new attacks, more frequent attacks) and internal ones (reduced budgets etc). The results are somewhat sobering:

  • 4 out of 5 IT pros were pressured in 2013 to rollout IT projects despite security issues
  • Businesses Put the Blinders On: 73% of respondents believe their organization is safe from security threats
  • 85% of IT pros say a bigger IT security team would reduce security pressures and bolster job effectiveness
  • From the Board Room to the Executive Bench: 50% of IT pros said they feel the most pressure from their organization’s owners, Board, or C-level executives when it comes to security

It seems that in a headlong race to become more agile and deliver on the innovation that the organization and the marketplace demands, enterprises are taking a fairly slack approach towards security. But perhaps this is an unavoidable reaction to the pressures organizations are under – is it feasible to deliver product more rapidly while still remaining secure?

I believe that to an extent these statistics are a direct result of the move towards the “lean enterprise”. I speak with many large enterprises who are trying to emulate Eric Ries’ Lean Methodology for startups – in doing so they’re keen to roll out minimum viable products to test a business hypothesis. While this is an admirable aim from the perspective of increasing innovation, it leaves significant gaps when it comes to security. I’m reminded of the book The Phoenix Project, a novel that looks at the reality of one fictional enterprise trying to balance agility with robustness.

It seems to me however that there is a resolution to these problems, but to gain the edge, organizations need to rethink the fundamental systems they use. The current status quo of having core systems, point applications and the operating platform as distinct and siloed entities can’t deliver agility combined with robustness. Rather organizations need to find a new sort of operating system that allows them to create new applications but within a strong governance wrapper. Seemingly this is the reason that Warner Music Group famously ripped out its technology systems to create an entirely new stack, one that mixes high degrees of flexibility with overall compliance.

Trying to shoehorn agility onto existing systems is a guarantee of problems – the recent large enterprise breaches have show this. Enterprises that truly want to be innovative within the constraints of what they do need to rethink their core systems and revisit the way they operate. Only by doing this will they be able to reconcile the various pressures they feel.

Source: Forbes

 

You Might Also Like

Updates


Sponsored Update


Advertisement


More From the Web

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Hello Kitty is Not a Cat!
Hello Kitty is Not a Cat!
Amongst some of the latest news to hit the scene is a factoid: Hello Kitty is not a cat! This might be a little hard to believe but for better or worse it is true.
 
 
Joan Rivers is &quot;Resting Comfortably&quot; says Melissa Rivers
Joan Rivers is "Resting Comfortably" says Melissa Rivers
Melissa Rivers, who is talk show host Joan Rivers’ daughter, recently informed the public about her mom’s convalescence in a hospital.
 
 
Harry Belafonte about to receive Special Oscar Award
Harry Belafonte about to receive Special Oscar Award
The veteran actor, songster and producer extraordinaire, Harry Belafonte is about to receive a special Oscar award. Three other people besides him will be awarded one too.
 
 
Google&#039;s Project Wing aims to create safe delivery drones
Google's Project Wing aims to create safe delivery drones
Google says that the project is still in its early stages of development.
 
 
 

About the Geek Mind

The “geek mind” is concerned with more than just the latest iPhone rumors, or which company will win the gaming console wars. I4U is concerned with more than just the latest photo shoot or other celebrity gossip.

The “geek mind” is concerned with life, in all its different forms and facets. The geek mind wants to know about societal and financial issues, both abroad and at home. If a Fortune 500 decides to raise their minimum wage, or any high priority news, the geek mind wants to know. The geek mind wants to know the top teams in the National Football League, or who’s likely to win the NBA Finals this coming year. The geek mind wants to know who the hottest new models are, or whether the newest blockbuster movie is worth seeing. The geek mind wants to know. The geek mind wants—needs—knowledge.

Read more about The Geek Mind.