Risk
12/6/2012
02:18 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

451 Research Publishes In-Depth Security Study

Security budgets experienced a significant gain between 2011 and 2012, study shows

NEW YORK, Dec. 6, 2012 /PRNewswire/ -- TheInfoPro, a service of 451 Research, released its latest information security study, indicating strong budgets for security projects in 2013. Conducted during the second half of 2012, TheInfoPro study identifies key initiatives of senior information security managers and examines market factors and major players. This annual study is based on extensive live interviews with security professionals and primary decision-makers at large and midsize enterprises in North America and Europe.

Highlights from the TheInfoPro Information Security Study include:

-- Buoyed largely by budget increases at large North American enterprises, security budgets experienced a significant gain between 2011 and 2012 with 45% of respondents noting an increased budget for security projects and personnel. -- Top projects looking to gain a share of increased budget allocations include mobile device management (MDM), endpoint and network data leakage prevention (DLP), and application-aware firewall implementations. -- The combined effects of IT Consumerization and the 'Bring Your Own Device' trends have driven Mobile Device Security to take over the top slot as the key pain point for security managers in 2012, going from 11% of responses in 2011 to 15% in 2012. -- Application-aware firewalls continue to be one of the hottest technologies in the network security category - 8% of respondent implementation is planned for within six months, with another 14% having longer term plans penciled in. -- Driven by a constant drumbeat of customer data breaches, Endpoint DLP continues to be a top project, with 10% of respondents reporting short term implementation plans. "47% of security managers we interviewed noted a planned budget increase between 2012 and 2013 with only 8% constricting their spending," said Daniel Kennedy, TheInfoPro's Research Director for Information Security. "Securing employee owned mobile devices is the chief headache for security managers, and 2013 will be a key year for mobile device management implementations - 20% of enterprises report projects underway within the next six months, with another 9% planning implementations in the longer term."

Research Directors Daniel Kennedy and Wendy Nather will host a 451 Research Innovation webinar on December 13th to discuss the report's findings.

Webinar Details:

-- Title: The State of Information Security in 2013 -- Date: December 13, 2012 -- Time: 2 pm ET -- Presenters: Daniel Kennedy, Research Director, Information Security and Wendy Nather, Research Director, Information Security -- Registration: https://www1.gotomeeting.com/register/671005121 About TheInfoPro Information Security Study TheInfoPro Information Security Study examines key trends across the security industry, as well as the performance of individual vendors. The study is completed annually, and is based on hour-long interviews with security professionals and primary decision-makers at large and midsize enterprises primarily in North America. The interview results are collected in comprehensive research reports that provide continuous business intelligence within key areas, such as technological road maps, spending plans and vendor performance. A sampling of vendors covered in the Vendor Performance and Technology Roadmap components of the study include: Blue Coat, Check Point, Cisco Dell, EMC, Fortinet, Juniper Networks, Microsoft, Oracle, Palo Alto Networks, Rapid7, Sourcefire, Veracode, VeriSign, Websense, and WhiteHat Security.

About 451 Research 451 Research, a division of The 451 Group, is focused on the business of enterprise IT innovation. The company's analysts provide critical and timely insight into the competitive dynamics of innovation in emerging technology segments. Business value is delivered via daily concise and insightful published research, periodic deeper-dive reports, data tools, market-sizing research, analyst advisory, and conferences and events. Clients of the company - at vendor, investor, service-provider and end-user organizations - rely on 451 Research's insight to support both strategic and tactical decision making. 451 Research is headquartered in New York, with offices in key locations, including San Francisco, Washington DC, London, Boston, Seattle and Denver.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8802
Published: 2015-01-23
The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action.

CVE-2014-9623
Published: 2015-01-23
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quote and cause a denial of service (disk consumption) by deleting an image in the saving state.

CVE-2014-9638
Published: 2015-01-23
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

CVE-2014-9639
Published: 2015-01-23
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

CVE-2014-9640
Published: 2015-01-23
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If you’re a security professional, you’ve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.