Intrusion Detection and Prevention
This is not a nail
Submitted by John Burke on Fri, 2008-06-27 14:00.
"To a person who has only a hammer, every problem looks like a nail." This is the worst-case version of the unitasker's dilemma: when your tool only really does one thing, then you have to look at the world from the perspective that function embodies, and anything that doesn't fit (however badly) you have to ignore.
Search or Destroy
Submitted by John Burke on Fri, 2008-05-16 15:32.
It's not all about security, it's not all about events, it's not all about compliance. All those things are critically important to IT, of course, but even more fundamental is the task of keeping things running. All those other things depend on this one. System logs reveal a wealth of information about normal (and aberrant) operations, but they don't cover everything.
Sharpening Stones and Walking on Coals
Submitted by John Burke on Fri, 2008-05-09 09:37.
A typical evolutionary path for event and log management in an organization runs like this: paleolithic admin uses just eyes and brain to review logs, looking for evidence of misbehavior, misconfiguration, and mischance; crafty neolithic admin cleverly adds scripts to the mix and automates as much of the review as possible; later, the tools come from others rather than being made by his or her own
First-timers and one-timers
Submitted by John Burke on Wed, 2008-03-26 16:36.
When I was going over the parallels between the numeric-control vs record-playback (NC vs RP) machine tools, there was a significant point of dissimilarity that was glossed over: machine tool inputs are known. The variable there is what you want to make with the material, the genius of the trained master being in how best to get from untouched stock to finished product.
Nemertes Benchmark: Security and Information Protection - Volumes 1-4
Overview:
It’s been a long time coming, but the indications are that security and information protection are finally within spitting distance of getting the mindshare they merit, based on the only metric that really matters: Cash on the barrelhead.
In volume 1 of our ground-breaking benchmark, "Security and Information Protection: Trends and Organizational Issues", we highlight the acceleration in spending on security and information protection, discuss critical drivers, and drill down into the organizational and operational impacts. Security budgets have grown another 20% since our last benchmark (in 2005), and indications are that double-digit growth will continue through 2008 and beyond. Moreover, that growth is increasingly shifting away from consultants and staff and toward products and services—good news for vendors and providers. Security organizations are evolving as well, with the most significant trend being the shift in focus from “chief security officer” to “chief risk mitigation officer,” mirroring the overall organizational shift in focus from security to risk mitigation. In line with this shift, security teams are picking up responsibility for areas they don’t historically support (such as business continuance and facilities) but which, if not well managed, can increase an organization’s risk. And security remains a great career path: along with this increased responsibility comes a welcome (and sustained) increase in salary. In our upcoming volumes, we drill down into the specifics.
Nemertes Benchmark: Security and Information Protection
Overview:
It’s been a long time coming, but the indications are that security and information protection are finally within spitting distance of getting the mindshare they merit, based on the only metric that really matters: Cash on the barrelhead.
In volume 1 of our ground-breaking benchmark, "Security and Information Protection: Trends and Organizational Issues", we highlight the acceleration in spending on security and information protection, discuss critical drivers, and drill down into the organizational and operational impacts. Security budgets have grown another 20% since our last benchmark (in 2005), and indications are that double-digit growth will continue through 2008 and beyond. Moreover, that growth is increasingly shifting away from consultants and staff and toward products and services—good news for vendors and providers. Security organizations are evolving as well, with the most significant trend being the shift in focus from “chief security officer” to “chief risk mitigation officer,” mirroring the overall organizational shift in focus from security to risk mitigation. In line with this shift, security teams are picking up responsibility for areas they don’t historically support (such as business continuance and facilities) but which, if not well managed, can increase an organization’s risk. And security remains a great career path: along with this increased responsibility comes a welcome (and sustained) increase in salary.
Network World: Think Twice About New Security Gizmos
In a recent study about spyware by Nemertes Research, Senior Vice President Andreas Antonopoulos was surprised to find that 16% of the companies examined were not concerned about the threat.
Suspecting that was because they were small companies, he dug deeper, but found they were some of the largest companies analyzed. He also discovered why they weren't concerned: they spent 6% to 8% of their IT budgets on security, twice what the average company spends.
Anti-Malware Software Introducing Risks
By Andreas M. Antonopoulos, SVP, Nemertes Research Inc.
June 2, 2006
Two recent items in the news highlight an important trend in security: Companies are struggling more and more with patches.
Symantec Corp. (NASDAQ: SYMC, http://www.symantec.com/) just released a patch for its Norton AntiVirus 10.x product to fix a critical security vulnerability that could have led to attacks against thousands of companies running the corporate anti-virus suite.
Just two months ago, McAfee (NASDAQ: MFE, http://www.mcafee.com/) suffered from a flawed signature that caused it to misidentify documents and spreadsheets as malware.
If you would like to receive our full Impact Analysis, sign up for our weekly newsletters.
RFID Virus Potential Confirms IT Executives’ Continued Virus Concerns
By Melanie Turek, Senior Vice President, Nemertes Research Inc.
March 16, 2006
If you build it, they will come. No, not baseball players—virus writers. News from a group of computer researchers that radio frequency identification (RFID) chips are susceptible to software viruses—conventional wisdom to the contrary, notwithstanding—highlights a trend among IT executives, who continue to see viruses as a problem. Sixty-seven percent of participants in Nemertes’ information-stewardship benchmark, for instance, consider fighting malware to be a “vital” part of their security efforts, and 25% say it’s “very important.”
Why network and security operations should not be separate
* Converge network and security operations centers to focus on the business
By Andreas M. Antonopoulos, Network World, 12/20/05
Network operations and security operations share a single goal: maintaining business availability and protecting business information.
