|
|
|
|
| |
|
New EMA Report Provides Guidelines For Crafting Holistic IT Information Security Strategies
|
Securing sensitive data one of the highest priorities and most significant challenges facing the enterprise today
BOULDER, Colo., Sept. 28, 2006, Enterprise Management Associates (EMA), the leading independent IT management research and consulting firm, today announced the availability of a new report covering the landscape of IT solutions that address the increasingly vital concern for the security of information. The 75-page research study, “The Security of Information: A Strategic Approach to Current Topics and Trends,” offers executives and enterprise IT professionals insight into the available solutions that are shaping the management and security of business-critical information and how the various technologies best fit together. EMA is offering this report for purchase, as well as free access to a number of other information security resources at www.emausa.com
In recent months, the security of information has become a watchword—not just for IT, but for the executive suite as well. Risks once seen as intangible and difficult to control have become top security management priorities as lost, stolen and abused information has led to highly tangible losses, including corporate embarrassment, lost customer confidence, damaged equity values, regulatory penalties, and the potential impact of even further regulation.
“The scale of regulatory penalties indicates the degree to which regulators are insisting that businesses address risks such as customer identity theft,” says Scott Crawford, EMA senior analyst. “The US Federal Trade Commission (FTC) began this year with a $15 million settlement in one of the most high-profile cases of a data privacy and security breach. And, in more than one case, the FTC has required offenders to implement an information security program subject to audit every other year for 20 years.”
Penalties may not be the only indicator of tangible impact. “Here at EMA, we recently followed the closing stock prices of 6 companies that had disclosed an information security breach between February 2005 and June 2006,” continued Crawford. “Within a month of disclosure, the average price of these stocks fell by 5 percent, and remained in a range of 2.4 to 8.5 percent below that of the date of disclosure for another eight months. It did not recover to pre-incident levels for nearly a year.”
The resulting focus on information risks has brought increased attention to technologies that secure information itself. While some solutions are being marketed as “silver bullets” that can independently deliver comprehensive information security, this is not the reality.
In this study, EMA advocates a comprehensive approach to securing information that embraces the enterprise as a whole:- The security of resources that house, handle and communicate data
- People and process involved in the access and use of information
- The security of information itself
The report examines current factors that influence the broad topics under each of these three domains, with a look at trends and technologies that are shaping today’s approaches to information security couched in the context of a holistic strategy built on these pillars.
Other issues addressed by the report include:- Regulatory compliance and other tangible losses as key drivers for investing in information security
- Enterprise management as the cornerstone of a holistic information security strategy
- The integration of solutions across domains of technology and expertise as a defining characteristic of “security maturity”
- Information risk and the changing nature of IT security fundamentals, including network security, application security and virtualization security
- A comprehensive approach to IT security involving the three pillars of people, process and information access
- Common security challenge such as recognizing sensitive information, identifying threats and applying effective response
- Suggestions for successfully building an information security strategy in the enterprise based on practitioner experience
In addition to the research report, EMA is providing a number of no-cost information security resources to help enterprise IT professionals learn how to craft successful information security strategies.
EMA’s Information Security Solutions Center is a comprehensive online resource that introduces the fundamental concepts of information security and offers the ability to search and compare objective profiles of leading information security solutions side-by-side. Access to this valuable resource is free of charge and will be available in Q4 2006. To register for the Solutions Center, click here.
EMA’s Crawford will be sharing highlights of the information security market study in a free one-hour Webinar to be held on Tues. Oct. 3, 2006, at 11 a.m. EDT. To sign-up for the Webinar, click here.
About Enterprise Management Associates
Founded in 1996, EMA is the only industry analyst and consulting firm dedicated to issues of IT Management. The firm conducts comprehensive, in-depth research and analysis on current and emerging concepts, issues, trends, strategies and resources. EMA consults with enterprise IT professionals to assess their organization’s current IT management infrastructure, skills, efficiency and effectiveness—making recommendations to improve productivity, maximize ROI, improve service quality and align IT operations with business strategy. In addition, the firm’s work with vendors and service providers gives it significant influence in the marketplace, reaching nearly 300,000 people each month. For more information, visit www.enterprisemanagement.com
|
|
|
|
|
| |
|
