The Next Big Thing
Posts about next generation technologies and their effect on business.

HP addressing the need for constant security vigilance

security extend.pngAfter talking with a number of people recently, it became clear that HP is constantly investing in the security space, much more than I knew. These investments have been going on for a very long time.

  • 2011 – Autonomy (Compliance, Behaviour & Classification)
  • 2010 - Fortify (Application Security),
  • 2010 - ArcSight (Compliance & Risk Mgmt)
  • 2009 - TippingPoint (via 3COM) (IPS)
  • 2008 - EDS / HP consulting and managed services, Vistorm security consulting and security managed services
  • 2007 - SPI Dynamics / HP Application Security Center

There is now a highly experienced team of more than 5000 professionals with security certifications including CHECK, CLAS, CISSP, CISM, CISA, CLEF, IISP, ISO 27001 Lead auditor, PCI QSA, and others but it doesn’t stop there.

 

There are a constant stream of announcements from HP in the security space (including one early this month) and new ones today. The reason for this vigilance is that every 7-10 years, technology development and delivery undergo a shift that opens up new business and access models. These shifts fundamentally change the way that technology is consumed and the value that it can bring; these shifts change what is possible and create new opportunities for innovation. They also open up new opportunities for security threat concerns and all organizations are affected by security breaches.

 

Cyber Security moved from 12th to 3rd place in risk factors faced by businesses in Lloyd’s 2013 Risk index. The potential for financial, reputational and physical damage has elevated the issue or cyber security to board level. Today’s enterprise is struggling to find the balance between protecting itself from organized cyber criminals, maintaining legal, regulatory and compliance standards while enabling the adoption of  new IT solutions for business value generation like mobility, cloud and analytics.

 

Additionally, cybercriminals have created a cybercrime market place, sharing and selling information on tools, tactics and targets, to find vulnerabilities in organizations’ infrastructure, stealing critical customer data and intellectual property. Individuals and groups are starting to specialize and turn into service providers for others wanting to use their capabilities, since the size of this underground security market may actually be larger than the protection oriented security market itself.

 

While some threats are external and malicious, others are internal - like a disgruntled employee who might steal proprietary information. There are also unintentional mistakes, such as an employee losing an unlocked or unencrypted device or being tricked into sending non-encrypted documents and classified company information to illegitimate sources. Alarmingly, as the enterprise landscape becomes more open and the need to share information greater, we see 44% of data breaches happening at the hands of a trusted supplier. The threat environment is dynamic and complex.

 

Regulators respond to this complex security ecosystem by implementing numerous regulations and mandates in the hope of preventing further issues. Unfortunately, using compliance to define your security strategy sets a low bar, since the requirements are reactive in nature. Organizations are forced to address the regulations because they can’t appear to be non-compliant.

 

HP is focused on helping organizations address their information security, by spend less time on reactive threat management and more on disrupting the security ecosystem. To focus on understanding and protecting business’s critical information assets to better aligned to their information risk tolerance (this is definitely not a once size fits all approach). There is a shortcoming for trained security personnel and HP is trying to provide the tools and the services to address the gaps for organizations.

 

Some of the new services announced today include:

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation