Gartner to Outline Security Trends in Upcoming Information Security Summit

The upcoming Gartner Information Security Summit will put the focus on trends in the security market today.

By Ellen Messmer
Mon, June 15, 2009

Network World — When it comes to information security, should companies be buying best-of-breed products from a number of vendors or stick with a single vendor for cost or other reasons? And what are the latest trends gaining momentum today in IT security?

Can You Cut Information Security in Hard Times and Survive
The Future of Information Security: 2008 and Beyond

Those questions and many more will be in the spotlight at the upcoming Information Security Summit in Washington, D.C. later this month where Gartner analysts share their views on what enterprises want and vendors can deliver in a world fraught with hackers on one side and regulatory pressures on the other.

Plain and simple, "what's driving customers is data security, in terms of infrastructure protection and compliance," says Adam Hils, the research analyst who will present Gartner's security-market forecast at the conference.

Some Gartner research shows IT security customers are torn by whether to stick with one vendor or go with standalone/best of breed products when it comes to basic buying strategies. Gartner advocates "best of breed — as long as it works with what you have," Hils says.

IT security customers are inclined as never before to a one-vendor strategy — it may be because of budget pressures since there's the perception that this may be cost-savings — but Gartner's advice is to keep the focus on best-of-breed, particularly when a major upgrade is envisioned and new technologies are on the horizon.

A good example is "the next-generation firewall, which combines the network firewall and intrusion-prevention system," Hils says. Vendors in this arena vary widely in terms of their equipment, although most of them aren't yet doing it all that well — though Hils said Juniper seems to be in the forefront for now.

According to Gartner, some of the most exciting areas today are managed services, or security as a service, where customers expect vendors to undertake full-time management responsibilities, either through support of dedicated customer equipment or by delivering cloud-based services.

While e-mail antispam and security filtering is becoming widely adopted, another area, security information and event management (SIEM), which involves complex aggregation and analysis of log data from many data sources, is also gaining uptake from customers, Hils says.

Large firms, including IBM and Symantec, offer managed SIEM services, but several smaller security firms, including SecureWorks, are providers, too. LogLogic is also one whose technology is often used by other providers.

While advanced SIEM equipment is still seen as a big-ticket item afforded mainly by large enterprises, increasingly there are options, like TriGeo, aimed at the small-to-midsized business market, Hils says. The wider SIEM adoption is being driven by compliance pressures, such as the Payment Card Industry (PCI) data-security standards, for log management, he notes.

1 2 next page »

You are here: Technology Topics » Security » News

Most Recent Security Stories

White Papers »

Overcome Top 7 Admin Challenges of Active Directory

As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable, enforceable processes that reduces administrative overhead and enables robust, customizable reporting and auditing capabilities. Brought to you by NetIQ.

Top Solutions and Tools to Prevent Devastating Malware

Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring (FIM) tools that provide immediate alerts. This white paper has been brought to you by NetIQ, the leader in solving complex IT challenges.

Insiders Can Ruin Your Company. Take Action.

Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in organizations worldwide. This white paper from NetIQ, discusses key technology solutions that help to prevent and detect insider threats.

X-Ray of the PCI Process-4 Proactive Steps

This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into creating a compliant and secure IT environment. Follow these four proactive steps now before your next audit. Brought to you by NetIQ.

Streamline Compliance and Increase ROI

Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will help your business gain the maximum return on investment possible while aligning your compliance programs.

Identity Governance: The Business Imperatives

This white paper describes the business challenges and opportunities that are driving interest in Identity Governance while discussing considerations your organization should make to help achieve project success.

Webcasts »

Gartner Next Generation Network IPS Webcast

Learn how Gartner's criteria for next generation IPS helps organizations achieve effective threat prevention despite changes in network communications, new applications, and changes in the threat landscape.

McAfee Continuous Compliance

3 minute Flash video - overview of the need for and value of Configuration Control.

Taming the Wild West: How to build a strong cloud security strategy

Cloud deployments are playing a critical role in propelling innovation for many companies. At the same time security has become the #1 one of the top concerns for IT and business leaders as they migrate into the cloud. In this webinar, learn from Accenture discusses how to recast the cloud as a "fresh chance to rethink your approach to security."

Virtualization Success is a Team Effort

As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.

Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware

Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn about VMware customer, Navicure, and their experiences testing and evaluating the recovery manager, their progress in implementing it in their environment and their advice other customers considering using vCenter.

Quantifying the Business Value of VMware View - Webcast

Many enterprises have discovered that the use of virtualization to support desktop workloads creates a range of significant benefits. These benefits include price efficiencies, improved IT management and greater agility and choice for end users.

This VMware sponsored webcast with IDC will provide both quantitative measurement of the business value -- defined as the expected ROI -- and qualitative analysis associated with the use of VMware View™. IDC will also provide an analysis of the View Composer and ThinApp™ features of VMware View, including the business value of these solutions and an overview of how they work.

Attend this webcast to learn about:
- Challenges and barriers that might impede the adoption of desktop virtualization
- Navigating roadblocks to facilitate a strategic implementation
- Optimizing qualitative and quantitative benefits to IT and your business

Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter