Enterprise Security Trends Blog | HP Blogs
Keep up with the latest cyber, consumerisation, collaboration and cloud enterprise security trends from the team of HP information security professionals.

How to justify a bigger security budget: Part 1

 

By Mary Ann Mezzapelle, Chief Technology Officer, Americas Region, Enterprise Security Services, Hewlett-Packard

 

Best-run security organizations are moving away from their “no” and “slow” reputations by transforming how security is managed—informing business decisions and supporting growth. You need to drop the endowment- and entitlement-type attitudes and learn how to run security like a business. This post introduces a three-part series on how to justify a bigger security budget with that data-driven mindset...

 

budget_compressed.jpg

  1. Single view of the IT Security capability and cost
  2. Understanding why organizations can’t keep up
  3. Demonstrating clear benefits and business impact

 

...so that you can help your organization understand the cost of protection, communicate in business terms and improve decision-making.

Security tip: Recognizing fake antivirus software

Enterprise connect video blog.pngChris Leach, Client Security Principal, Enterprise Security Services, Hewlett-Packard

 

Chances are you either have been victim or know someone who has been held hostage by a fake antivirus program. This fake program demands a ransom via your credit card to release your computer back to your control. Some of these programs are even accessing your camera and including a photograph of you—the user—as an additional scare tactic.

 

Here are some practical tips for you to use at home, with your friends, family, and clients that will help you address this growing type of malware.

What data is important? And what’s really not?

By Jeff Hales, Data Protection & Privacy Practice Lead, HP

It’s sometimes strange working for a company like HP, you forget what a massive complex organisation you work for, until something like Discover comes along and gives you a reminder. It’s a bit like data, you forget how much you have until something reminds you. Today my renewal for my personal cloud storage came in, so I checked to see how much storage I need, turns out I have just over 260Gb and 56,495 files which includes documents, pictures, music and home video. The question is though, how much do I really care about and how much is duplication and products of my son playing with Photoshop and pictures of Pokémon?

 

Information-overload-678x214.png

Suppliers key to security strategy

by Brian Trevey, Managed GRC Americas Leader, HP Enterprise Security Services

 

Are your suppliers opening the doors to your data?  The Target breach is just the latest example of the numerous types of breaches that have occurred through organizations suppliers.  Oversight of third-party risk requires continuous monitoring and vigilance. 

Are your applications securely holding the fort in your enterprise?

By E.G. Nadhan, HP Distinguished Technologist

 

Application Security.pngAdversaries are always on the prowl to penetrate the perimeters of the enterprise through the demilitarized zones, the intranet, the servers, the operating systems, the applications and finally, the data. Their overall goal is to gain access to the underlying data, which has even more value and context when accessed through the applications layer. Once the applications security is compromised, there are really no more layers of protection—since it opens up unfettered access to the data. Therefore, the applications layer has to hold the fort in your enterprise and be on guard should the outer perimeters be penetrated. 

Search
Showing results for 
Search instead for 
Do you mean 
Follow Us


About the Author(s)
  • Manage cyber engineering & architecture team developing security services, security reference architectures, big data security, mobility, cloud, cyber situational awareness and security operation center solutions. Responsible for developing innovative cyber solutions across public sector accounts. Collaborates with HP Labs, HP CTO Organization, product groups and third-party vendors to leverage innovative technologies to deliver the next generation of cybersecurity solutions.
  • A business first, senior executive, with over 20 years of hands on experience in defending banks, governments and corporations against cyberwarfare. My career in security started when I was employed to crack a secure system, which had locked down the boot process, whitelisting of applications and encrypted disks. I linked TeamOffice (an ICL email and collaboration system) with Microsoft Word to send an email which allowed me to do anything the person reading the email could do and send the results back to me, all without there knowledge. Having proved this vulnerability, I worked with Peter Simpson to create Defuse, a tool that blocked inappropriate actions. This successfully blocked Winword Concept, the first known malicous code in the wild. From these begginings I have investigated all aspects of security to provide an holistic approach to security as a business enabler and currently advising organisations on the suitability of the cloud to their needs.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation