Amazon Releases Point-and-Click Console for EC2

TECHNOLOGY
- Infrastructure
  - Network
  - Security
    - Virus
    - Intruder
    - Spyware
    - Spam
    - Theft
    - Disaster Recovery
    - Privacy
    - Regulatory Compliance
  - Client
    - Desktop
    - Laptop
    - Laptop - Macbook
    - PDA
  - Server
    - Load Balancing
  - Mobile
  - Operating Systems
    - Windows
    - Windows - Vista
    - Linux
    - Mac
    - Mac - Leopard
    - Unix
    - Other
  - Data Center
  - Virtualization
- Applications
  - SaaS
  - Cloud Computing
  - ERP
  - CRM
  - BI
  - BPM
  - KM
  - SCM
  - RFID
  - Middleware/EAI
  - Portals
    - B-to-B
    - Consumer
  - Inventory Management
  - Databases
  - Document Management
  - E-Business
  - Data Warehouse
- Development
  - Open Source
  - Eclipse
  - Java
  - .NET
  - Agile
  - Web Services
- Architecture
  - SOA
  - Enterprise Architecture
LEADERSHIP

IT DRILLDOWN

NEWSLETTERS

CIO.com updates, insights and advice on technology, management and your career.

RSS Feeds »

LEADERSHIP

CIO Executive Programs

The Leader in Face-to-Face Education for Senior Executives

Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »

CIO Executive Council

A Peer-Advisory Service and Professional Association for CIOs

Social Responsibility's Strategic Benefits

December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)

Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.

Working With and Communicating to Your Board of Directors

January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)

CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.

IT's Role in Growing Mid-Market Companies

January 14, 4:00 PM - 5:00 PM ET (GMT-5)

Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.

More / Register »

Learn more about the CIO Executive Council »

RESOURCE CENTER

buy a link »

SUBSCRIBE TO CIO

Are you involved in setting the direction for your company's IT budget or strategy?

Apply today for a FREE subscription to CIO Magazine!

Subscription Services »

Reprints »

News

Enterprises Overpay for Antivirus Software, Says Analyst

Enterprises continue to pay too much for security software -- while the software vendors aren't doing enough research to keep up with fast-changing threats on the Internet, a Gartner analyst said Monday.

Leave a comment

By Jeremy Kirk

September 29, 2008 — IDG News Service —

Enterprises continue to pay too much for security software -- while the software vendors aren't doing enough research to keep up with fast-changing threats on the Internet, a Gartner analyst said Monday.

Security vendors are maintaining high profit margins on firewalls and antivirus software, products which are commodities these days, said Neil MacDonald, a research vice president at Gartner, during a presentation at the company's IT Security Summit in London.

Buyers should take advantage of the competitive environment in the antivirus software industry to negotiate better prices for such products, he said.

"I know it's hard to switch but you have to seriously enter the negotiations," he said. "Let the vendors know that you are not afraid to switch."

Security vendors have maintained a pricing scheme that contradicts the rest of the IT industry, MacDonald said. Typically with software or hardware, prices go down year after year with the introduction of new and better products. In some cases, however, security software often loses its effectiveness as new threats emerge, while prices stay high.

"Why in antivirus year after year do we pay more for something that gives us less?" MacDonald asked. "It's insanity. Why is information security immune from the trends of the IT industry?"

For the last 18 months, MacDonald has been researching adaptive security, a concept that envisions having different security products communicate with one another and evaluate threats in a more contextual way. MacDonald argued that security products should work together like the human body's immune system, where different defensive mechanisms work in concert with each other.

These days, a security product is often designed to address a single security aspect, such as fortifying Web applications, protecting endpoint devices or preventing network intrusions. Vendors have taken advantage of how organizations deal with a security problem by offering single products, a model that makes security overly complex, MacDonald said.

Vendors need to create security technology that is less rigid and can change when businesses modify their processes. Ideally, those products would able to apply certain security policies in certain situations, a concept MacDonald labeled as adaptive.

"Vendors are holding us back from enabling this vision," MacDonald said. "The vendors are delivering us too many unconnected point products with too much complexity."