Anti-Malware Gives Biggest Bang For Security Buck

---

Anti-Malware Gives Biggest Bang For Security Buck Posted: 13 Aug 2010 08:58 AM PDT Antivirus software, firewalls and having a CISO also deliver high returns, finds the Ponemon Institute. Which security technologies deliver the biggest bang for the buck? Simple: antivirus and anti-malware software, followed by endpoint security solutions, Web application firewalls, and policy enforcement tools. So finds a new survey of 488 United Kingdom-based IT and IT security practitioners. The study, sponsored by Vodafone and F-Secure and conducted by Ponemon Institute, asked IT professionals to rate the cost and effectiveness of various security options, as well as to assess their organization's current security posture. Surprisingly, the study found that when it comes to mitigating the biggest security threat facing organizations -- identified by respondents as being the loss, theft or removal of sensitive information -- organizations are lacking both the required bang and buck. "Time and again our research finds that security and data protection activities are both under-funded and under-staffed," said Larry Ponemon, chairman and founder of Ponemon Institute, in a statement. One related challenge is that many organizations still require their security teams to justify their technology budget by using traditional return on investment (ROI) metrics. But for lost data, shouldn't the opposite have to be proven, since success is roughly equivalent to nothing bad happening, or not having to pay for a data breach cleanup? Accordingly, Ponemon is advancing a different business case for justifying information security purchases: return on prevention. "Because expenditures must be justified to pass budget approval hurdles, we believe our 'return on prevention' model can help make it easier for IT and IT security practitioners to make the business case for acquiring enabling security technologies and related control activities," he said. Return on prevention emphasizes "low-cost solutions that are effective in stopping threats or attacks," and which require few resources to deploy or implement, said Ponemon. Applying these metrics, the study reports that beyond antivirus, anti-malware, endpoint security, web applications firewalls, and policy enforcement tools, mobile device security solutions also produced a relatively high rate of prevention return, versus information security technologies residing in enterprise systems or networks. But the highest return on a prevention investment, according to the study, "is from governance and control activities, including the appointment of a CISO and training of end users, and professional certification of security staff." Acquiring Sun wasn't enough for Oracle CEO Larry Ellison, who's now driving the company to overtake SAP and IBM and pushing the virtues of a complete Oracle IT stack. We investigate Oracle's next giant steps. Download our report here (registration required). This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read our FAQ page at fivefilters.org/content-only/faq.php Five Filters featured article: "Peace Envoy" Blair Gets an Easy Ride in the Independent.

You are subscribed to email updates from Yahoo! News Search Results for antivirus To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google Inc., 20 West Kinzie, Chicago IL USA 60610