Organizations spend an average of 5.6 percent of the overall IT budget on IT security and risk management, according to Gartner. However, IT security spending ranges from approximately 1 percent to 13 percent of the IT budget and is potentially a misleading indicator of program success, analysts said. “Clients want to know if what they are spending on information security is equivalent to others in their industry, geography and size of business in order to … More
Source: helpnetsecurity

The Industrial Internet Consortium (IIC), the global, member-supported organization that promotes the accelerated growth of the Industrial Internet of Things (IIoT), announced the publication of the Business Strategy and Innovation Framework (BSIF). The BSIF helps enterprises to identify and analyze issues that must be addressed to capitalize on the opportunities emerging within the IIoT. The BSIF serves as a reference document for chief executives in enterprises planning to engage in IIoT concepts. A single-source compendium … More
Source: helpnetsecurity

When the FBI announced the arrest of a Russian hacker in October, it was notable – but maybe not for the reason you’d expect. Yevgeniy N., who was picked up in Prague, is implicated in the 2012 megabreach at LinkedIn. That cyberattack exposed the usernames and passwords of 117 million people, and led to a fire sale of login data on the open market. The size of the hack was extraordinary, but the arrest of … More
Source: helpnetsecurity

Deloitte has uncovered a shift in business priorities from “business performance” to “customers,” with 57 percent of chief information officers choosing “customers” as their top priority, compared to only 45 percent last year. “Customer” remained the top priority for eight of the 10 industries represented in the survey. Only 45 percent of CIOs stated their information technology organization is involved in delivering customer experience through IT capabilities, and 28 percent of CIOs feel their IT … More
Source: helpnetsecurity

By now, it’s pretty much an accepted reality that it’s only a matter of time until an organization – any organization – gets breached by cyber attackers. But system penetration does not mean game over for the defenders, as attackers still have to do other things to achieve their goal (steal business information, login credentials, intellectual property, etc.). This means there are many other opportunities and ways to stop an attack from succeeding. How to … More
Source: helpnetsecurity

Today’s IT organizations are divided into two camps: those that thrive by effectively leveraging digital technologies, new business models, and entrepreneurial cultures; and those that are saddled by technical debt, plodding business processes, and lack of a digitally-fueled vision for the future. To help CIOs and IT executives successfully lead their organizations through accelerating digital transformation, IDC today unveiled predictions that lay out the ten most important shifts that will happen in IT organizations over … More
Source: helpnetsecurity

My name is Kai Roer and I am a co-founder of European security startup CTLRe, and these are my confessions. I hope you will learn from my struggles, and appreciate the choices startups make when security matters. I will share experiences from my own startups (my first was in 1994), and things I have learned by watching and advising numerous other startups around the world. Running a startup is an amazing experience, and a lot … More
Source: helpnetsecurity

In the past twelve months, roughly one in three targeted attacks resulted in an actual security breach, which equates to two to three effective attacks per month for the average company, according to Accenture. Still, a majority of security executives (75 percent) surveyed are confident in their ability to protect their enterprises from cyberattacks. Accenture surveyed 2,000 enterprise security practitioners representing companies with annual revenues of $1 billion or more in 15 countries about their … More
Source: helpnetsecurity

Businesses are often encouraged to take risks. These can fuel innovation, excite customers and set them apart from competitors. However, while many parts of a business may benefit from occasional risks, security is one area that businesses cannot afford to compromise. While trying something new should be encouraged, this should only be done when it can be assured that company and customer data won’t be exposed. One example is the old-school belief that security is … More
Source: helpnetsecurity

70 percent of security industry professionals believe threat intelligence is often too voluminous and/or complex to provide actionable insights. Perceptions about the integration of threat intelligence with security technologies The Ponemon Institute study, based on 1,072 respondents in the United Kingdom and North America, also showed that organizations neglect to share essential threat data with board members and C-level executives, despite the fact that security is now a business priority. On average, only 31 percent … More
Source: helpnetsecurity