Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« Data Integration for Security Management | Main | Using Oracle and SQL Server Together and Keeping them Secure »

Data Breaches, Monitoring and Microsoft Changing Security Vendor's Market

A few stories recently are indicating a shift in the center of gravity in the security market. First, there is Symante CEO's comments on Microsoft's downward pressure on the desktop security market. Then there is Monster.com's recent announcement that they'd lost more than the 1.3 million customer records originally reported. Two days ago we saw an alliance of several smaller vendors, led by Imperva announcing a data integration framework for security management and monitoring. I think these will all add up to start expanding the range of what non-security professionals consider baseline security measures - and that will change where budgets are allocated.

The anti-malware market is mature, Microsoft is driving prices down and the major vendors in this space have to move in to other areas, like risk management, asset management, and data loss protection to keep growing.

For sure the continued spread of the Storm Worm to blogs and YouTube
is a good indication is just going to become more of a problem. Until security vendors come up with solutions to social engineering attacks we're probably going to see only marginal improvements in anti-malware techniques, real gains will come from better implementation of multi-layered defenses and better vulnerability management.

Monster.com is just the latest in high profile data breaches, and like the TJX breach, in which the initial reports underestimated the scope of the breach. Reuters is reporting:

While investigating the recent theft, the company learned that its Web site had previously been hacked.

"We're assuming it is a large number. It could easily be in the millions," [Monster Cheif Executive] Iannuzzi said in an interview with Reuters.

To be safe, he said, each Monster.com user should assume that his or her contact information has been taken.

If there are any company boards left that haven't responded to regulation compliance with better security management, news like this will drive them to seek tools for database monitoring, data loss prevention and vulnerability assessment. Thats where the center of gravity in the security market is heading.

Tags:                  
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on August 30, 2007 7:54 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/394

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net