Security Statistics Show That We Need To Reinvent Enterprise IT

Mar 4 2014, 1:26pm CST | by


Often the conversation about the security of technology systems is parsed in terms that suggest the biggest risk vector comes from small organizations without the IT budget to ensure good security. However, recent high-profile breaches from the likes of Target and Neiman Marcus have called this perspective into question. New research from security rating vendor BitSight would seem to back up the perception that larger companies in fact pose a real security risk.

BitSight has put together a report detailing the security effectiveness of different companies. Their approach is to create something analogous to a credit score that analyzes the entire security situation and rates organizations based on externally observable security incidents – botnets, spam, malware, unsolicited communication, DDoS, system configuration, etc. BitSight ran the report across 460 of the S&P 500 (excluding the telcos), and high-level findings include:

  • During 2013, at any given time, between 68% and 82% of the S&P 500 companies had been compromised with an externally observable event
  • Only 18% of companies had strong SSL certificates, the remainder sent data across the Internet without proper encryption
  • Only 24% of companies had strong SPF records that could prevent email spoofing… these are some of the largest companies in the US!

So what is going on here? Are the attacks becoming more sophisticated, or are large organizations really dropping the ball on this? Well, another survey, this time by Trustwave, would seem to indicate that it’s very much the latter. Trustwave surveyed 800 IT professionals and looked at the top security pressures they face. It tried to differentiate between external pressures (new attacks, more frequent attacks) and internal ones (reduced budgets, etc.). The results are somewhat sobering:

  • 4 out of 5 IT pros were pressured in 2013 to roll out IT projects despite security issues
  • Businesses Put the Blinders On: 73% of respondents believe their organization is safe from security threats
  • 85% of IT pros say a bigger IT security team would reduce security pressures and bolster job effectiveness
  • From the Board Room to the Executive Bench: 50% of IT pros said they feel the most pressure from their organization’s owners, Board, or C-level executives when it comes to security

It seems that in a headlong race to become more agile and deliver on the innovation that the organization and the marketplace demands, enterprises are taking a fairly slack approach towards security. But perhaps this is an unavoidable reaction to the pressures organizations are under – is it feasible to deliver product more rapidly while still remaining secure?

I believe that to an extent these statistics are a direct result of the move towards the “lean enterprise”. I speak with many large enterprises who are trying to emulate Eric Ries’ Lean Methodology for startups – in doing so they’re keen to roll out minimum viable products to test a business hypothesis. While this is an admirable aim from the perspective of increasing innovation, it leaves significant gaps when it comes to security. I’m reminded of the book The Phoenix Project, a novel that looks at the reality of one fictional enterprise trying to balance agility with robustness.

It seems to me however that there is a resolution to these problems, but to gain the edge, organizations need to rethink the fundamental systems they use. The current status quo of having core systems, point applications and the operating platform as distinct and siloed entities can’t deliver agility combined with robustness. Rather organizations need to find a new sort of operating system that allows them to create new applications but within a strong governance wrapper. Seemingly this is the reason that Warner Music Group famously ripped out its technology systems to create an entirely new stack, one that mixes high degrees of flexibility with overall compliance.

Trying to shoehorn agility onto existing systems is a guarantee of problems – the recent large enterprise breaches have shown this. Enterprises that truly want to be innovative within the constraints of what they do need to rethink their core systems and revisit the way they operate. Only by doing this will they be able to reconcile the various pressures they feel.

Source: Forbes

