Overview: 

It’s been a long time coming, but the indications are that security and information protection are finally within spitting distance of getting the mindshare they merit, based on the only metric that really matters: Cash on the barrelhead.

In volume 1 of our ground-breaking benchmark, "Security and Information Protection: Trends and Organizational Issues", we highlight the acceleration in spending on security and information protection, discuss critical drivers, and drill down into the organizational and operational impacts. Security budgets have grown another 20% since our last benchmark (in 2005), and indications are that double-digit growth will continue through 2008 and beyond. Moreover, that growth is increasingly shifting away from consultants and staff and toward products and services—good news for vendors and providers. Security organizations are evolving as well, with the most significant trend being the shift in focus from “chief security officer” to “chief risk mitigation officer,” mirroring the overall organizational shift in focus from security to risk mitigation. In line with this shift, security teams are picking up responsibility for areas they don’t historically support (such as business continuance and facilities) but which, if not well managed, can increase an organization’s risk. And security remains a great career path: along with this increased responsibility comes a welcome (and sustained) increase in salary.

Network World Editorials  By John Dix, Network World, 03/22/07

In a recent study about spyware by Nemertes Research, Senior Vice President Andreas Antonopoulos was surprised to find that 16% of the companies examined were not concerned about the threat.

Suspecting that was because they were small companies, he dug deeper, but found they were some of the largest companies analyzed. He also discovered why they weren't concerned: they spent 6% to 8% of their IT budgets on security, twice what the average company spends.

The data center is the new castle, and the botnet hordes are coming for it

New Data Center Strategies Newsletter, By Andreas M. Antonopoulos, Network World, 2/6/07

One of the main findings from Nemertes’ security research in 2005 and 2006 was that the security perimeter is eroding.

With all the connections to partners, suppliers and customers and all the mobile workers, it was almost impossible to define a clear perimeter outside the data center. So the data center has become the retrenched position for most security defenses. The data center has become like the castle keep: a central hardened tower, the most defended area and the location of the most prized possessions.

By Andreas M. Antonopoulos, SVP, Nemertes Research Inc.
June 2, 2006

Two recent items in the news highlight an important trend in security: Companies are struggling more and more with patches.

Symantec Corp. (NASDAQ: SYMC, http://www.symantec.com/) just released a patch for its Norton AntiVirus 10.x product to fix a critical security vulnerability that could have led to attacks against thousands of companies running the corporate anti-virus suite.

Just two months ago, McAfee (NASDAQ:MFE http://www.mcafee.com/), suffered from a flawed signature which caused it to mis-identify documents and spreadsheets as malware.

If you would like to receive our full Impact Analysis, sign up for our weekly newsletters.

* Converge network and security operations centers to focus on the business

By Andreas M. Antonopoulos, Network World, 12/20/05

Network operations and security operations share a single goal: maintaining business availability and protecting business information.

By Johna Till Johnson, Nemertes Research
February 10, 2005

The announced acquisition by Microsoft (Nasdaq: MSFT) of privately held Sybari Software for an undisclosed amount marks a heightened focus on protecting users from malware (SPAM, spyware, and viruses). This is significant for several reasons. Not only is malware costing enterprise organizations significantly in terms of productivity and IT time, it’s also hindering the adoption of next-generation productivity tools such as real-time communications dashboards, which hold the potential for dramatically improving enterprises’ top-line revenue and overall business agility.

By Andreas M. Antonopoulos
Network World Data Center Newsletter, 12/07/04

Spyware was, until recently, mostly a consumer problem: home PCs infected with hundreds of pop-up-generating spybots.

Avinti and Ironport break new ground in the fight against e-mail-borne virus attacks.

By Melanie Turek, Principal Research Analyst, Nemertes Research Messaging Pipeline 10/07/04

A majority of IT executives surveyed in Nemertes Research's recent benchmark study complained about the time it takes for their anti-virus software to detect and alert them to a new virus outbreak. That makes finding methods that can shrink that time a top priority for the enterprise IT community.