Tag Archives: Regulation

Gartner Forecasts Worldwide Security Spending Will Reach $96 Billion in 2018, Up 8 Percent from 2017

Gartner, Inc. forecasts worldwide security spending to total $96.3 billion in 2018, an increase of 8 percent from 2017. Organizations are spending more on security as a result of regulations, shifting buyer mindset, awareness of emerging threats and the evolution to a digital business strategy.

My latest Gartner research: Market Opportunity Map: Security and Risk Management Software, Worldwide

20 April 2017  |  The security software market is transforming through four vectors: analytics, adoption of SaaS and managed services, expanded ecosystems, and regulations. Technology business unit leaders must realign their product and go-to-market strategies to address these key forces….

Gartner clients can access this research by clicking here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

My latest Gartner research: Invest Insight: Focus on Imperva

This research looks at various segments relevant to Imperva — Web application firewalls (WAFs), data-centric audit and protection (DCAP), cloud security, and cloud access security brokers (CASBs) — to provide the reader with the ability to assess the company’s prospects. Based in Redwood Shores, California, Imperva provides hardware and software cybersecurity solutions designed to protect data and applications in the cloud and on-premises. Customers use these solutions to discover assets and risks, protect information, and comply with regulations. …

Gartner clients can access this research by clicking here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] The Ambassador who worked from Nairobi bathroom to avoid State Dept. IT

http://arstechnica.com/information-technology/2015/03/the-ambassador-who-worked-from-nairobi-bathroom-to-avoid-state-dept-it/ By Sean Gallagher Ars Technica March 8, 2015 The current scandal roiling over the use of a private e-mail server by former Secretary of State Hillary Clinton is just the latest in a series of scandals surrounding government e-mails. And it’s not the first public airing of problems with the State Department’s IT operations—and executives’ efforts to bypass or work around them. At least she didn’t set up an office in a restroom just to bypass State Department network restrictions and do everything over Gmail. However, another Obama administration appointee—the former ambassador to Kenya—did do that, essentially refusing to use any of the Nairobi embassy’s internal IT. He worked out of a bathroom because it was the only place in the embassy where he could use an unsecured network and his personal computer, using Gmail to conduct official business. And he did all this during a time when Chinese hackers were penetrating the personal Gmail inboxes of a number of US diplomats. Why would such high-profile members of the administration’s foreign policy team so flagrantly bypass federal and agency regulations to use their own personal e-mail to conduct business? Was it that they had something they wanted to keep out of State’s servers and away from Congressional oversight? Was it that State’s IT was so bad that they needed to take matters into their own hands? Or was it because the department’s IT staff wasn’t responsive enough to what they saw as their personal needs, and they decided to show just how take-charge they were by ignoring all those stuffy policies? The answer is probably a little bit of all of the above. But in the case of former ambassador Scott Gration, the evidence points heavily toward someone who wanted to work outside the system because he just couldn’t stand it. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Tough security tests for banks’ foreign suppliers

http://www.scmp.com/news/china/article/1697491/tough-security-tests-banks-foreign-suppliers Reuters in Beijing and San Francisco 01 February, 2015 Draft Chinese government regulations would force overseas technology vendors to meet stringent security tests before they can sell to China’s banks, an acceleration of efforts to curb the country’s reliance on foreign technology that has drawn a sharp response from US business groups. But a translation of the proposed rules shows its immediate impact on foreign firms may not be as tough as feared. The draft shows the regulation would initially focus on types of hardware and software where domestic suppliers already have a strong market position compared with their foreign rivals. Western companies say the rules have not yet been formally adopted and some said they believed Beijing would retreat on some of the most onerous ideas, including demanding that firms’ proprietary source code be reviewable. Chinese leaders are to review the plan next week, US tech industry sources said. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] China’s New Rules for Selling Tech to Banks Have US Companies Spooked

http://www.wired.com/2015/01/chinas-new-rules-selling-tech-banks-us-companies-spooked/ By Davey Alba Wired.com 01.29.15 Technology companies that want to sell equipment to Chinese banks will have to submit to extensive audits, turn over source code, and build “back doors” into their hardware and software, according to a copy of the rules obtained by foreign companies already doing billions of dollar worth of business in the country. The new rules were laid out in a 22-page document from Beijing, and are presumably being put in place so that the Chinese government can peek into computer banking systems. Details about the new regulations, which were reported in The New York Times today, are a cause for concern, particularly to Western technology companies. In 2015, the China tech market is expected to account for 43 percent of tech-sector growth worldwide. With these new regulations, foreign companies and business groups worry that authorities may be trying to push them out of the fast-growing market. According to the Times, the groups—which include the US Chamber of Commerce—sent a letter Wednesday to a top-level Communist Party committee, criticizing the new policies that they say essentially amount to protectionism. The new bank rules and the reaction from Western corporations represent the latest development in an ongoing squabble between China and the US over cybersecurity and technology. The US government has held China responsible for a number of cyberattacks on American companies, and continues to be wary that Chinese-made hardware, software and internet services may have some built-in features that allow the Chinese government to snoop on American consumers. Meanwhile, China has used the recent disclosures by former NSA contractor Edward Snowden as proof that the US is already doing this kind of spying—and that this is reason enough to get rid of American technology in the country. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Retailers accuse credit unions of talking smack about card breaches

http://arstechnica.com/security/2014/10/retailers-accuse-credit-unions-of-talking-smack-about-card-breaches/ By Sean Gallagher Ars Technica Oct 30, 2014 Reeling from the bad press associated with an ongoing parade of data breaches caused by criminal infiltration of their payment systems, representatives of six retail industry associations signed a joint open letter that pushes back against a vocal critic of retailers’ cyber-security practices—credit union associations. In the letter addressed to the presidents of the Credit Union National Association (CUNA) and the National Association of Federal Credit Unions (NAFCU), retail industry representatives accused the associations of spreading “a number of misleading and factually inaccurate points… in the media and before Congress in regards to the cyber security in our country.” The industry group executives insisted that retailers already share the burden of dealing with the cost of lost data—at least to the degree that they are contractually obliged by credit card organizations. But given how much they actually do pay, the retailers may protest too much. Unsafe at any register The letter is a direct response to comments made in a letter to House Homeland Security Committee chairman Rep. Michael McCaul (R-TX) by Carrie Hunt, the NAFCU’s senior vice president of government affairs, posted on October 28. In her letter, Hunt called out the retail industry for not carrying enough of the burden associated with the loss of customers’ financial data. While credit unions and other financial institutions are subject to strict standards and regulations on handling sensitive customer financial data, Hunt wrote, “retailers and many other entities…are not subject to these same standards, and they become victims of data breaches and data theft all too often. While these entities still get paid, financial institutions bear a significant burden as the issuers of payment cards used by millions of consumers.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail