More security services analytics
In today's enterprise, the endpoint could be any number of devices operating in any number of locations. With endpoint technology changing so rapidly, what's the best approach to building an effective, enforceable endpoint security strategy that works across the enterprise? In this Dark Reading report, we examine the challenges of endpoint security and recommend the steps organizations should take toward developing a security strategy that is both effective and practical.
Is your glass house a sparkling hub of IT innovation or a financial albatross? For many, it's the latter. Worse, we often lack agility, 67% say application and hardware philosophies frequently or occasionally conflict business demand, and just 27% say a private cloud is a high priority. Meanwhile, planned use of colocation facilities is up an anemic 5 points over last year.
The value of threat intelligence is based on organization-specific factors, including how threat intelligence is defined, the data the organization evaluates, the maturity of the shop in question and the use cases for the data. In this Dark Reading report, we examine how a combination of threat intelligence and security monitoring can boost enterprise defenses, and recommend how to determine if your organization is ready to tap into the model.
Our 1,029 respondents are getting wise on awareness, with just 13% saying they're more vulnerable than last year. Still, 73% see mobility as a threat, and 75% admit they may be ignorant of a breach.
Database administrators are the caretakers of an organization's most precious asset -- its data -- but rarely do they have the experience and skills required to secure that data. Indeed, the goals of DBAs and security pros are often at odds. That gap must be bridged in order for organizations to effectively protect data in an increasingly complex and threat-ridden environment. In this Dark Reading report, we examine what DBAs should know about security, as well as recommend how database and security pros can work more effectively together.
Almost half, 47%, of our 450 respondents consider the company a serious threat in the networking market, with just 34% calling the government ban on carriers buying Huawei equipment for U.S. networks a deal breaker. What's your stance?
It seems as though not a day goes by without a headline screaming that some organization has experienced a data breach, putting the business -- and its customers and partners -- at risk. To keep your own organization out of the news, it's important to understand the most common causes of data breaches and what you can do to mitigate the threats they present.
A DCI lets companies link two or more data centers together for disaster recovery or business continuity, but it's not easy. This report provides an overview of the major DCI technologies and describes their pros and cons.
Among nearly 900 qualified respondents to our poll, 71% say m-commerce is very or extremely important to the future of their organizations. However, just 26% have comprehensive strategies in place now. That spells opportunity.
Web applications are fraught with risk, but for most companies, not having them is not an option. They're just too important to customers and to the business. In this Dark Reading report, we recommend some best practices for balancing the needs of the business with security requirements. It doesn't take special certification or a million dollars, but it does take planning, time, and a smart combination of tools and best practices.
The devil you know is better than the one you don't. Never was that adage more true than in today’s complex, ever-changing computing landscape. Unfortunately, new (and sometimes renewed) security threats are rising every day, putting IT and security pros in a defensive posture. In this Dark Reading report, we examine 10 emerging threats that you should have on your radar now.
Municipal IT pros we surveyed see many potential benefits in "smart cities" technological transformation efforts, including more efficient public services, indicated by 66%, and improved infrastructure and lower municipal costs, each chosen by 44%. But there's still a long way to go: Just 7% of respondents call their city's strategy for investing in IT to provide better, more efficient public services "progressive and well conceived." Find out how five U.S. cities are using mobile, big data and other technologies to make their communities better places to work and live.
For most organizations, the imminent danger that advanced persistent threats pose has been relatively low. That's changing as attackers' target base widens, their knowledge grows and their cyber weapons trickle down to the hacker masses. In this Dark Reading report, we examine the current APT landscape and provide recommendations for protecting your organization against this growing concern.
IT departments stuck playing catch-up will never be able to innovate and become a true strategic partner to the business, but that's the situation many of our survey respondents find themselves in: 43% say their budgets are flat, 58% say improving security is on the to-do list and 40% say IT faces tougher spending oversight than other departments.
SDN products are finally hitting the enterprise market. Do you have a strategy? This report, the companion to our online comparison, explains key factors to consider in four areas: software-defined networking controllers, applications, physical or virtual switches, and other compatible hardware.
Our latest survey shows slow adoption, with 40% now using cloud services. Despite cloud's massive potential to revolutionize IT, 51% are being held back by the fear of security flaws, and few of our 446 respondents are fundamentally changing the way they do IT as a result of the cloud. Ultimately, this reactive approach will render some shops obsolete.
When it comes to mobile security, some concerns are common across all organizations. One of the biggest is the surge in the use of personal devices for business purposes -- otherwise known as BYOD. However, the challenges for SMBs are heightened because these organizations often lack resources and expertise. In this Dark Reading report, we examine mobile security risks that are unique to SMBs and provide recommendations for tackling the problems.
Malware costs us billions of dollars every year, and the problem shows no sign of abating. Crafting new strains is big business, and makers of standard protection suites are outgunned. So now what? This report, the companion to our online comparison, explains the key factors to consider when shopping for advanced gateway-based anti-malware systems.
There's a lot for enterprises to like about the cloud computing model: It offers easy access to shared, elastically allocated computing resources; it creates savings on capital expenditure; and it reduces the running costs of operating a network. But all of this comes at the cost of control, which increases security challenges for IT pros. In this Dark Reading report, we examine the threat that cloud computing really poses, and we offer advice for tightening cloud providers' -- and your own -- security ship.
The notion of splitting smartphones and tablets into personal and business partitions is gaining strength, for good reason. Here are three paths, but be warned -- iOS shops will have a tougher go of it.
Cloud services, thin clients and a lean OS designed to marry the two -- plus price and security advantages -- mean Google could finally unseat PCs as the workplace client of choice. Here’s how do decide if you can make the move.
IT staff and management in small and midsize businesses take home about 13% less than their colleagues in larger companies, but the intangibles of working in a smaller organization make it easier to swallow.
Salaries are rising slightly, with median compensation for IT staff at $90,000 and for managers at $120,000. Here are 11 key insights that IT pros should take from the findings from our 14,000 survey respondents.
Salaries are basically flat for managers and staff in network and data center positions, according to InformationWeek's 2013 U.S. IT Salary Survey. Base salaries rose by a median of less than 2% for staff and management vs. 2012. In other words, the weak economic recovery is reflected in paychecks for IT pros.
Salaries are up 2.1% for staffers and 3.4% for managers. But bonuses are lower, employer-paid training is hard to come by and outsourcing remains a threat to employment. Still, 63% of staffers and 66% of managers say they're satisfied or very satisfied with their jobs.
Free Research and Reports
- Big Data: Architecting Systems at Speed - E2 Conference Boston
- Secure your mobile applications in the new commerce era - Mobile Commerce World - Mobile Commerce World
- Learn how to move your broadband service to an All-IP network at TelcoVision (formerly TelcoTV) - TelcoVision
- Learn how to best integrate mobile commerce with your current systems -- Mobile Commerce World - Mobile Commerce World
- How to Choose a SaaS Vendor - E2 Conference Boston
Dark Reading Digital Magazine
In This Issue
- Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
- Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
- BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.
Time To Set Up That Honeypot
Securing Cisco IP Telephony
Attribution Is Much More Than A Source IP
New CA Group Has Big Names, Small Impact
How To Build An IT Security Budget
5 Approaches To Decaffeinating Java Exploits
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 188.8.131.52.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging read access.
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression.
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that leverages the insufficient number of possible passphrases.