Article

Gartner releases 'Top 11' list of security issues

Ed Parry, News Editor
SAN DIEGO -- Of course you need to be thinking about the security of your systems. A good "guard dog" is essential.

But try not to step in any hype as you look at the "breeds."

Analysts with Gartner Inc. said last week at the company's Symposium/ITxpo that one of the great hurdles companies must clear while they're shopping for security products is the hurdle of hype. They stressed the importance of finding the products that best suit your firm's business needs -- not the products that vendors say you absolutely must have. Otherwise, you might as well flush those precious security funds.

And because IT security initiatives are near the top of many CIOs' "to do" lists, many vendors are making a lot of noise.

Victor S. Wheatman, vice president and research director for the Stamford, Conn.-based research firm, added that the stagnant economy, global unrest and a wariness born of "previous grand-plan security initiatives," which may not have been as grand as planned, are also having an impact on how IT managers shop for security solutions.

Hype, buyer's remorse, squeezed budgets, economic uncertainty, and expectations that security measures will deliver -- that's a lot to juggle, and it has resulted in cautious companies buying time rather than security.

"Enterprises tend to implement products and services that are 'good enough' while navigating through minefields of over-promoted products or products so advanced [that] the need

    Requires Free Membership to View

is not readily apparent," Wheatman said.

In order to help you get past the veggies and to the meat of what's important, security-wise, Gartner has compiled a "Top 11" list of security issues for 2003. They're in no particular order, and the list doesn't have the knee-slapping qualities of a Letterman Top 10, but let's face it: security is no laughing matter.

  • Web services security
    The use of Web services is an issue because these technologies will change the way new applications will be secured.
  • Wireless LAN security
    Vulnerable wireless LANs could leave services out on the table for the taking, and there is no shortage of thieves.
  • Identity management and provisioning
    Directory Network Service and denial-of-service attacks aren't going away.
  • The role of security platforms and intrusion-detection systems
    The intrusion-detection business is evolving toward prevention and forensics.
  • Console monitoring and management
    You need to know whether a problem with one part of the network is related to a problem on other parts of the network.
  • The next big virus
    Code Red and Nimda were two costly wake-up calls, and a nastier worm could be out there.
  • Instant messaging security
    IM is everywhere, and its very omnipresence is creating exploitable holes.
  • Homeland security
    Corporate America has not yet felt the impact of this government initiative.
  • Tactical security to infrastructure security
    Addressing tactical security solutions will lead to more interest in infrastructure security.
  • Protecting intellectual property
    This issue won't go away, thanks in no small part to corporate spies.
  • Transaction trustworthiness and audit-ability
    Thanks to firms like Enron and WorldCom, there will be more attention paid to information security measures and the "audit trail."

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: