When times were good, malware attacks were pretty much the cost of doing business. They happened from time to time, but nobody ever really considered their real impact on the business.
Now that times are tough and the number of zero-day malware attacks have increased, the operational costs of security are becoming a much bigger factor.
That’s the primary finding of a survey of 564 IT security managers conducted by The Ponemon Institute on behalf of Lumension, which finds that security issues are becoming a bigger drain on limited IT resources.
The survey also finds that far too many IT organizations don’t have much in the way of control over security policies. Many report either not having any or simply lack the wherewithal to enforce them.
According to Ed Brice, senior vice president for worldwide marketing at Lumension, the study not only highlights the need for more effective policy enforcement, but it also shows that anti-malware software isn’t enough to make the overall IT environment secure. And without additional security measures, IT organizations are incurring significant additional operating expense cleaning up after malware infects their systems.
A comprehensive approach to security should not only include anti-malware software; IT organizations should be deploying application controls, policy-based management systems based on whitelisting techniques and data loss prevention (DLP) systems.
Unfortunately, the majority of the IT organizations surveyed by Lumension have yet to deploy any of these security technologies, even as their operational security costs continue to rise. Worse yet, with the rise of mobile computing in the enterprise, Brice contends that the security will become even more complicated to manage.
Of course, in these tough times, it’s sometimes hard to make a case for additional security investments. But when you start to factor in how much time and expense is being wasted in the aftermath of a malware infestation, suddenly the cost of security doesn’t look nearly as prohibitive.
IT executives need the right tools to monitor and control their cloud infrastructure to maximize the positive impacts and mitigate security threats. ... More >>
Future IT leaders will need to seek technologies that eliminate silos in order to deliver the right information to the right person within the right application environment at the right time. ... More >>
To mitigate the risks of shadow IT, organizations must demonstrate the necessary agility and high quality of complex service assurance that users are looking for. ... More >>