Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/17/2011
09:18 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Spending On Information Security Continues To Outpace The Rest Of Corporate IT

Thirty-seven percent of security pros are planning an increase in spend

NEW YORK, November 17, 2011 – TheInfoPro, a division of leading analyst and data company The 451 Group, recently released the findings from its bi-annual study of the Information Security market, where the source of the data is in-depth, one-on-one interviews with over 150 decision-makers in the Global 2000. Key findings include:

Information Security spend is strong with many diverse drivers:

- Directionally for 2012, Information Security Professionals are not planning a slowdown. Thirty-seven percent are planning an increase in spend, with 16% planning a decrease.

- Thirty-nine percent are spending more in 2011 vs. 2010, and only 15% are spending less – showing the resiliency of the market in challenging economic times.

- In the one-on-one interviews, decision-makers detailed compliance, mobile devices and preventing data loss as the drivers for spending increases.

Data Leakage Prevention (DLP) and Application-Aware Firewalls are products on the move:

- Data Leakage Prevention (DLP) resides in the top spot of TheInfoPro’s proprietary Information Security Technology Heat Index™, which gauges immediacy of planned implementation for 40 technologies, as the G2000 look to protect custodial and intellectual property data from leaking out of their environment. The traditional antivirus vendors, Symantec (SYMC) and Intel’s (INTC) McAfee, look to benefit with rollouts of both endpoint and network DLP on tap.

- Application-Aware Firewalls make a nice jump in the Heat Index, with Palo Alto and Check Point (CHKP) benefiting from the 28% of in-plan implementations. Palo Alto will be a vendor to watch as it is beginning to replace some of the major incumbent providers with its application-visibility-based approach.

The Information Security study was led by newly appointed Research Director Daniel Kennedy. “Information Security spending is very solid in 2011, and looks to remain that way for 2012. It is not difficult to see why, as significant data breaches in the last few years have never been far from the front page. In addition, environmental complexity continues to increase, including the effects of virtualization and cloud implementations, and consumer IT starts to drive enterprise IT requirements, especially in the mobile computing space,” cites Kennedy.

Prior to joining TheInfoPro, Kennedy was a Partner in the information security consultancy Praetorian Security, LLC, where he directed strategy on risk assessment and security certification. Before that, he was Global Head of Information Security for D.B. Zwirn & Co. (now Fortress Investment Group), as well as Vice President of Application Security and Development Manager at Pershing LLC, a division of the Bank of New York.

About TheInfoPro Information Security Study

The Information Security study is completed biannually and is based on hour-long interviews with Information Security decision-makers at large enterprises in North America.

The study focuses on large enterprises: technology roadmaps, vendor performance, forward-looking spending plans, top projects, pain points and organizational metrics. This most recent study had a particular focus on the impact of virtualization, cloud and mobile devices on an organization’s security efforts. A sampling of vendors covered in the Vendor Performance and Technology Roadmap components of the study include: Cisco (CSCO), Check Point (CHKP), Juniper Networks (JNPR), Rapid7, WhiteHat Security, Websense (WBSN), Sourcefire (FIRE), Palo Alto Networks, Fortinet (FTNT), Oracle (ORCL), Dell (DELL), EMC (EMC), Microsoft (MSFT), Blue Coat (BCSI), Trend Micro, Sophos, HP (HPQ) and FireEye. For additional information, or to order this report, please contact [email protected]

About TheInfoPro

TheInfoPro is a division of The 451 Group and a leading advisory and research firm that provides real-world perspectives on the customer and market dynamics of the information technology landscape. Using a unique research methodology that harnesses the collective knowledge and insights of leading IT organizations worldwide, TheInfoPro serves as a conduit between IT decision-makers, technology providers and institutional investors. To learn more, visit http://www.theinfopro.com or email [email protected]

About The 451 Group

The 451 Group is a leading technology-industry analyst and data company focused on the business of enterprise IT innovation. The company provides critical and timely insight into the market and competitive dynamics of innovation in emerging technology segments.

Clients of the company – at vendor, investor, service-provider and end-user organizations – rely on The 451 Group’s insight to support both strategic and tactical decision-making. The 451 Group is headquartered in New York, with offices in key locations, including San Francisco, Washington DC, London, Boston, Seattle and Denver.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).