Outdated Tech 'Larger Threat than Malware,' says Lumension CEO

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  
Slide Show

Ten Things About the IT Life of a Small Business Professional

A quick look at what the average business executive does and does not know about small business IT.

Patrick Clawson, chairman and CEO of security vendor Lumension, wrote a blistering blog on the poor state of security earlier this month. Referring to findings from a new report commissioned through The Ponemon Institute titled "State of Endpoint Risk 2011," Clawson expressed his dismay at how businesses are still using outdated technology on a security landscape filled with sophisticated new threats.


Clawson's blog triggered memories of the "battles" I faced in the past to secure the requisite budgets to purchase new IT equipment and hardware for SMBs. When it comes to paying for intangibles, be it for the purpose of increasing work efficiency or preventive measures to enhance security, senior executives often have great difficulty understanding the need to channel precious resources from other more visible items on their list. This is especially true for small- and mid-sized businesses, where the mere presence of a centralized anti-virus management solution typically speaks of an enlightened management.


The need for modern tools that can defend against new threats is more pressing than ever, given the sophistication of new exploits that leverage on novel zero-day vulnerabilities or recently disclosed flaws.Whitelisting and patch management products comes to mind for the above scenarios, with device control also useful for guarding against inadvertent or malicious data leaks.


In addition, the best end-point protection would be worthless without the proper network defenses, which could range from basic firewalls to appliances capable of performing application-level filtering. Such equipment can add up to a hefty amount, however, so why bother putting more money down when things are humming along just fine?


Clawson has strong words on this point, noting that:

More than 64% of survey respondents said that their networks are not more secure than they were last year. Sadly, this is not progress. The enemy has changed the game, and we have the weapons and strategies to defend ourselves, but we aren't arming ourselves to win the battle.

Fortunately, it appears that SMBs are waking up to the dangers: The report observed that 48 percent of individuals surveyed have seen an increase in IT operating expenses, with malware being cited (59 percent) as the main driver. For small- and mid-sized businesses used to thinking in terms of whether to renew their anti-virus software subscription or not, though, increasing budgets is merely the first step to securing a business environment with relevant tools.


As 2010 draws to a close, my plan is to start 2011 by exploring modern security-centric devices and software that small- and mid-sized businesses will do well to look into. In other words: new weapons and strategies for a new year. Stay tuned.