I recently read a post on ZDNet by Adam O’Donnell where he offers up some predictions on the IT Security sector in the wake of the broader economy struggling. Sorta got me thinking about how people view security in general, and from his perspective, where the thinking around security integration is headed. That is, integrating
sound security practices and solutions into an overall framework designed to protect your core assets – your data.
We’re seeing a whole lotta ‘well this is what will happen next year’ arguments, as well as too many ‘well what we REALLY need for 2009 is’ arguments…Fundamentally, O’Donnell is suggesting that as we face an uncertain economy, security solutions had better be able to address real problems for organizations – I agree. But in the same breath, he suggests that technologies like spam filters and AV software are pretty much recession-proof, hinting these will always be important.
OK, kinda-sorta, but then he goes on to say we don’t need another database security solution. So that was where it seems like Adam needs a little reality check. First and foremost, as of today, since 2005, we’re up to 245,133,370 data records breached, according to Privacy Rights. To me, the notion of protecting data where it resides on the majority of enterprise networks – you guessed it, in the database – seems like a higher priority for global companies than making sure my spam filter works.
Second, Adam points out that an economic downturn is a perfect opportunity for hackers, particularly unpatched systems. Well, elevating the discussion to the enterprise level, this is typically a time when attackers are looking for data, and they are looking to break through whatever they can to get at that data in the database, probably not an email server. Its clear he's missing the boat - Gartner recently reported that database activity monitoring (one component of the overall db sec market) has seen 100% YOY growth in 2007 and that they expect that trend to continue.
If I’m make purchasing decisions for the IT environment at a global company based on my security and compliance priorities for 2009, particularly with less money to spend nest year, you can bet I will a) look at what technologies will help me comply with relevant regulatory initiatives that are pertinent to my organization and b) I’m going to look for a cost-effective solution to secure my database environment.
ZDNet is a well-respected media outlet, where the reporting is relevant, but also quick to report important technology news. But I am questioning some of the contributed commentary. You can’t dog the database security niche in an attempt to score some ink around a broader trend – it’s counter-intuitive to the overall argument and it speaks volumes about the misunderstandings of business-critical markets like db sec. We have more educating to do in 2009…Did I forget to mention the author works for Cloudmark, which secures messaging apps?
Application Security, Inc. provides database security solutions for the enterprise and was named to Inc. Magazine's 2007 list of America's Fastest Growing Private Companies (Inc. 500). Its products proactively secure databases and delivers up-to-date database protection that minimizes risk for companies.
Have you read these related articles?
Newsletter:
