ITIC: Home

Archive for 2013

An overwhelming 80% of companies say that “end user carelessness” constitutes the biggest security threat to their organizations, surpassing the ever-present peril posed by malware or organized hacker attacks .

Additionally, 65% of businesses do not calculate the cost or business impact of security-related downtime and over 30% of firms are unable to detect or defend against a security breach in a timely manner when one does occur.

Those are among the top findings of the ITIC/KnowBe4 “2013 – 2014 Security Deployment Trends Survey.” The joint independent Web-based survey polled 500 organizations during October/November 2013 on the leading security threats and challenges facing their firms and their top priorities over the next 12 to 18 months. In order to maintain objectivity, ITIC and KnowBe4 accepted NO vendor sponsorship and none of the respondents received any remuneration for participating.

The data indicates that IT departments are hard pressed to stay abreast of myriad security issues which represent just one portion of their overall job responsibilities. Some 44% of survey respondents said their IT departments and security professionals spend less than 20% of their time on daily operational security. Another 32% said they devote 20% to 40% of their time on security. Only 20% of participants dedicate a significant portion of their daily and weekly administrative activities to securing their systems and networks.

[keep reading…]

Yes, infrastructure absolutely does matter and has a profound and immediate impact on enterprise security.

Server hardware (and the server operating systems and applications that run on them) form the bedrock upon which the performance, reliability and functionality of the entire infrastructure rests. Just as you wouldn’t want to build a house on quicksand, you don’t want your infrastructure to be shaky or suspect: it will undermine security, network operations, negatively impact revenue, raise the risk of litigation and potentially cause your firm to lose business.

And that’s just the tip of the iceberg. These days, many if not most corporate enterprises have extranets to facilitate commerce and communications amongst their customers, business partners and suppliers. Any weak link in infrastructure security has the potential to become a gaping hole, allowing a security breach to extend beyond the confines of the corporate network and extranet. Security breaches can infect and invade other networks with astounding rapidity.

Increasingly, aging and inadequate infrastructure adversely impacts enterprise security.

[keep reading…]

It’s Strike Three for Oracle in its ongoing argument with the Better Business Bureau’s National Advertising Division (NAD) and IBM over a series of 2012 ads in which Oracle claimed its servers were much less expensive and outperformed Big Blue’s machines.

NAD, the investigative unit of the advertising industry’s system of self-regulation, has now forwarded the complaints onto the Federal Trade Commission. The FTC is a government regulatory agency and it wields much more authority than the BBB or NAD.

At this point, Oracle would do well to give up gracefully. But given the history between these two long standing rivals, that is unlikely to happen.

The dispute revolves around three separate Oracle advertising campaigns in 2012, which ran in major publications including The Wall Street Journal. According to the NAD’s latest press release each of Oracle’s ads featured “an overbroad and unsupported comparison between one Oracle product and one IBM product.” Each campaign was reviewed by NAD following complaints lodged by IBM, which alleged Oracle’s claims were specious and hyperbolic. The NAD reviewed all of the complaints and agreed with IBM and recommended that Oracle discontinue making misleading claims in its advertisements.

[keep reading…]