IDC EXECUTIVE BRIEF

          Proactive Intelligence Gathering
          for Enterprise Protection

          August 2010
          Adapted from Worldwide IT Security Products 2009–2013 Forecast and 2008 Vendor Shares:
          Comprehensive Security Product Review by Brian E. Burke, Sally Hudson, Charles J. Kolodgy,
          et al., IDC #221351
          Sponsored by Symantec

          Stay Ahead of Internet Threats to Protect Business-
          Critical Information
          Staying ahead of security threats will protect enterprise information
          and infrastructure from falling victim to a cyber attack or data breach.
          However, instead of leveraging a threat intelligence network, many
          organizations are relying upon multiple security products to receive
          notifications of new threats and their system vulnerabilities. Not
          every security product is integrated with a threat intelligence network,
          and in today's mobile environment, just one exposed confidential
          asset or record could compromise a business. This Executive Brief
          provides an overview of a more effective way to manage security
          through the integration and analysis of the global threat landscape.

          Cyber Attacks Narrow Their Focus
          The need for corporate security has never been greater. The amount
          of digital data — powered by globalization, Web access, new
          techniques for data gathering and analysis, digital communications,
          conversion from paper to digital processes, and increased regulatory
          and legal requirements — continues to increase exponentially.

          The increasing use of corporate email, Web email, instant messaging
          (IM), peer to peer (P2P), and other channels for distributing data,
          along with the proliferation of mobile devices that allow employees to
          carry sensitive information outside the organization's boundaries,
          makes securing information a substantial challenge.

          In addition, the digital threat environment is rapidly changing, both
          in the motives of malware writers and in the vulnerabilities they
          target. A growing number of malicious programs exploit security
          weaknesses in Web browsers. A compromised Web page, for example, can
          exploit a visitor's computer remotely without the visitor clicking
          on anything, a so-called "drive-by download" attack.


    As a result, security concerns are at an all-time high among
    organizations seeking protection from spyware, Trojan horses, worms,
    and other Web traffic–borne menaces. Newer applications such as voice
    and storage networks, and emerging technologies such as VoIP and XML,
    also continue to create new requirements for protection.

    Current economic conditions notwithstanding, the security market
    continues to grow. IDC forecasts that this market will reach $37.8
    billion in 2013, representing a compound annual growth rate of 9%.
    IDC sees the following three key trends driving the IT security market:

    •   The largest security threat to enterprises lies within the
        network. With access to a significant portion of enterprise
        resources, insiders, including current and former employees,
        temporary workers, partners, and customers, may take advantage of
        the organization's lack of security awareness to gain access to
        enterprise data. Most companies have no visibility into who is
        accessing what on the network until after a breach has happened.
        Breaches continue to occur, caused either by a disgruntled or
        soon-to-leave employee or by an outsider who compromises an
        internal user's rights to reach intellectual property and other
        data. There are numerous documented cases of individuals
        deliberately leaking confidential employee, customer, and
        enterprise data or damaging enterprise resources.

    •   External hackers are exploiting insider ignorance. Attacks that
        rely on social engineering, such as phishing and pharming, and the
        spyware they deliver, gain entry into the enterprise through the
        ignorance of insiders. Enterprise security is only as strong as its
        weakest link. Through blended attacks that combine multiple
        methods, external attackers find that user ignorance is the
        simplest route to enterprise data and resources. Further, as
        financial gain takes precedence over other motives, attacks are
        consolidating into organized crime. Exploiting the trust users have
        established with colleagues and acquaintances, attackers begin by
        compromising insider targets and then, through those contacts,
        extend the attack to other users. Examples include phishing via
        social networking sites, instant messaging, and hosted email
        services; targeted emails to executives; and spam tied to global
        events. In targeting users, attackers rely on publicly available
        vulnerability information and freely available rootkits, launching
        small attacks that change patterns rapidly to stay below the radar
        of traditional security tools. Because hackers typically use
        multiple methods to reach the insider, defenders must deploy
        multiple security solutions. Deploying multiple solutions comes at
        a high cost and brings the risk of security mismanagement through
        the complexity of managing them. Further, traditional security
        solutions, which must observe an attack at scale before they can
        recognize and block it, are likely to fall short against small,
        fast-changing campaigns. Proactive security based on real-time
        global events, i.e., threat intelligence, is necessary to meet
        these threats.


2                                                                               ©2010 IDC
•   Regulatory compliance continues to add even greater
            pressure to protect sensitive data and document those
            security measures. Given the magnitude of threats to
            employee, customer, and corporate data, compliance regulations
            like HIPAA, GLBA, SOX, PCI, and others are forcing enterprises
            to undertake security measures that control the access and
            activity of users. Faced with penalties in case of noncompliance
            or loss of reputation in case of data loss, enterprises are under
            pressure to implement compliance measures within the
            enterprise. Compliance regulations are forcing organizations to
            have more network access controls with increased levels of
            network monitoring and reporting. The volume of information
            produced by existing systems is fast becoming too confusing and
            too much to handle for policy enforcers and auditors.

        Organizations Can No Longer Ignore Blind Spots
        As a result of the previously mentioned trends, enterprises and
        organizations are deploying a myriad of security technologies to
        defend against ever-increasing threats. But all of these security
        products add complexity to the security infrastructure.

        To manage the growth in security, organizations are turning to
        security and vulnerability management (SVM) solutions to provide
        them with intelligence to make security more effective as well as to
        document their efforts for compliance. This is why the SVM market
        continues to grow at double-digit rates and IDC predicts that it will
        exceed $4.4 billion in 2013.

        The security and vulnerability management market encompasses
        two separate but symbiotic segments — security management and
        vulnerability assessment. These two markets can stand alone, but
        they also have considerable overlap in how they are used by
        enterprises.

        •   Security management products are tools that let organizations
            create security policy that drives both business and security
            initiatives, measure and report on their security posture, and,
            ultimately, correct security shortcomings. These tools include the
            following:

                Proactive endpoint risk management (PERM) solutions
                automate or semiautomate the enforcement of security
                policy and configuration management on endpoints.

                Forensics and incident investigation solutions capture
                and store real-time network and device data and identify how
                business assets are affected by network exploits, internal
                data theft, and security or HR policy violations.

                Policy and compliance solutions enable organizations to
                create, measure, and report on security policy and regulatory
                compliance.


Security information and event management (SIEM)
            solutions include software designed to aggregate data from
            multiple sources to identify patterns of events that might
            signify attacks, intrusions, misuse, or failure.

            Security systems and configuration management
            (SSCM) solutions are primarily systems management
            products that monitor and report on the status of perimeter
            security products.

    •   Vulnerability assessment (VA) products, on the other hand,
        run as scheduled (batch) scans of servers, workstations, other
        devices, and applications to uncover security vulnerabilities. The
        scan results are compared with a database of known security holes
        (vulnerabilities) to determine the threat status of the device or
        application.

        More sophisticated VA products can also test for vulnerabilities
        not yet in that database by mimicking common attack profiles to see
        whether a device or an application can be penetrated. Penetration
        testing, for example, is an advanced capability that lets
        organizations safely exploit vulnerabilities, replicating the kinds
        of access an intruder could achieve and showing the actual attack
        paths that must be eliminated. Used in conjunction with vulnerability
        scanning, penetration testing reduces the number of false positives:
        a finding that can actually be exploited is confirmed rather than
        inferred from a version string or banner.

        Vulnerability assessment products include the following:

            Device vulnerability assessment products that use either
            network- or host-based scanners to look into a device to
            determine its security vulnerabilities

            Application scanners that test the robustness of an
            application or software to resist attacks — both specific
            attacks and attacks based on hacking techniques
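The database comparison described above, as an added example in Python (not IDC's or Symantec's code): scanned service banners are parsed and matched against a vulnerability database expressed as affected version ranges. Every entry, identifier, host and banner is constructed for illustration. The rule that a vendor patch suffix in the banner marks a finding for validation is the example's own heuristic; it reflects the caveat that version-only matching cannot see backported fixes, which is why exploit-based testing cuts false positives.

```python
"""Version-range matching of scanned service banners against a vulnerability
database. Added example: the database entries, their identifiers, the hosts
and the banners are all constructed for illustration, not real advisories."""
from typing import Dict, List, NamedTuple, Tuple

Version = Tuple[int, ...]
SEVERITY_RANK = {"high": 0, "medium": 1, "low": 2}


class VulnEntry(NamedTuple):
    vuln_id: str         # constructed identifier, not a real advisory number
    product: str
    introduced: Version  # first affected version (inclusive)
    fixed: Version       # first fixed version (exclusive)
    severity: str


class Finding(NamedTuple):
    host: str
    product: str
    version: str
    vuln_id: str
    severity: str
    needs_validation: bool  # banner carries a vendor patch suffix (see assess)


# Constructed database of known holes, expressed as affected version ranges.
VULN_DB: List[VulnEntry] = [
    VulnEntry("EX-2010-001", "OpenSSH", (4, 0), (5, 4), "high"),
    VulnEntry("EX-2010-002", "Apache", (2, 2, 0), (2, 2, 15), "medium"),
    VulnEntry("EX-2010-003", "Apache", (2, 0), (2, 2, 9), "high"),
]

# Constructed scanner output: host -> service banner.
SCAN_RESULTS: Dict[str, str] = {
    "10.0.1.5": "OpenSSH 5.3p1 Debian-3ubuntu7",
    "10.0.1.9": "OpenSSH 5.6",
    "10.0.2.2": "Apache 2.2.11",
    "10.0.2.3": "Apache 2.2.16",
    "10.0.2.7": "Apache 2.0.63",
}


def parse_version(text: str) -> Version:
    """'5.3p1' -> (5, 3); '2.2.15' -> (2, 2, 15). Stops at the first dotted
    component that does not begin with a digit."""
    parts: List[int] = []
    for piece in text.split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            break
        parts.append(int(digits))
    return tuple(parts)


def parse_banner(banner: str) -> Tuple[str, str, str]:
    """Split 'Product version [vendor suffix]' into its three parts."""
    tokens = banner.split()
    if len(tokens) < 2:
        raise ValueError(f"unparseable banner: {banner!r}")
    return tokens[0], tokens[1], " ".join(tokens[2:])


def affected(entry: VulnEntry, version: Version) -> bool:
    """True when introduced <= version < fixed (tuple comparison)."""
    return entry.introduced <= version < entry.fixed


def assess(scan: Dict[str, str], db: List[VulnEntry]) -> List[Finding]:
    """Compare each scanned service with the database and rank by severity.

    Heuristic (assumption of this example): a vendor suffix such as a
    distribution package revision often means fixes were backported without
    changing the upstream version, so such version-only matches are marked
    for validation, which is where exploit-based testing cuts false positives."""
    findings = []
    for host, banner in scan.items():
        product, ver_text, suffix = parse_banner(banner)
        version = parse_version(ver_text)
        for entry in db:
            if entry.product == product and affected(entry, version):
                findings.append(Finding(host, product, ver_text, entry.vuln_id,
                                        entry.severity, bool(suffix)))
    return sorted(findings, key=lambda f: (SEVERITY_RANK[f.severity], f.host))
```

Calling assess(SCAN_RESULTS, VULN_DB) yields three findings, two high and one medium; only the OpenSSH host is flagged for validation because its banner carries a distribution suffix, while the Apache 2.2.16 and OpenSSH 5.6 hosts fall outside every affected range.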

    Threat Intelligence: Identify High-Priority Threats
    Managing cyber attacks is like securing a border between two large
    countries. It is not physically possible to guard the entire border, just
    as it is impossible to secure an enterprise network at every entry point
    or user interface. The key to success is using real-time, global event
    intelligence to focus on the likely points of attack and to raise alerts
    when anomalous activity occurs.

    The goal of threat intelligence is to help IT analyze and, therefore,
    prioritize and better handle cyber security threats. Security products
    with threat intelligence help IT sort through the vast amount of
    information generated about user access, network traffic, database
    access, and application use to isolate actual or potential threats.

        This enables IT to focus either on solving security problems as they
        occur or on preventing them based on historical data captured by
        security tools. Threat intelligence is based on a simple principle:
        "If you don't know what's out there, how do you know what to watch
        for?" If security products are integrated with a global intelligence
        network, then when a malicious attack is affecting companies or
        consumers elsewhere in the world, IT managers learn about it before it
        reaches their own enterprise. These products can block the attack or
        recommend how to protect against it so that it does not affect the
        business.

        Just as business intelligence tools can be set to find specific points
        of information in huge volumes of data, products integrated with
        threat intelligence can be set to identify vulnerabilities across
        application, network, and data access and use. Similarly, threat
        intelligence solutions can be linked with databases of known threats
        to automate the updating of security tools such as firewalls and
        antivirus software. In addition, deviations from normal usage
        patterns, often a sign of new attacks or of new attack types, can be
        flagged for further analysis by the software or by an administrator.

        A major advantage of threat intelligence is that it increases the
        efficiency of IT security staff. By identifying high-priority threats, staff
        can focus on real problems instead of false alarms or those that
        typically can be handled by software tools already in place. In
        addition, threat intelligence brings the concept of intelligent process
        automation to enterprise security.

        Intelligent process automation, deployed through business
        intelligence tools, uses information to link complex business
        operations and processes. From a security standpoint, threat
        intelligence automates the links between information generated by
        security solutions and associated management tools with business
        goals and processes. With threat intelligence, repeatable decisions,
        such as virus prevention, can be automated according to preset
        policies. Similarly, threat intelligence tools using transaction
        monitoring or continuous data integration combined with user
        profiling can speed up the decision-making process for handling
        event-driven security issues, like internal or external attacks.
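The indicator matching, anomaly alerting, and policy-driven tool updates described in the preceding paragraphs, as an added Python example rather than anything from the original brief or its sponsor: events from a firewall log and a proxy log are normalized, checked against a feed of known-bad destinations, compared with a per-host baseline, ranked, and turned into deny rules. The feed, both log formats, the hosts, the addresses, the baseline and the factor-of-three anomaly threshold are all constructed assumptions, and the deny-rule syntax is generic rather than any product's.

```python
"""Threat-intelligence matching and anomaly alerting over two log sources.
Added example with constructed data: feed, log formats, hosts and addresses
are invented, and the deny-rule syntax is generic, not any vendor's."""
import re
from collections import defaultdict
from typing import Dict, List, NamedTuple


class Event(NamedTuple):
    ts: str        # timestamp as logged
    source: str    # device that produced the record
    src_host: str  # internal host that initiated the connection
    dest: str      # IP address or domain name it contacted


class Alert(NamedTuple):
    priority: int  # 1 = known-bad indicator, 2 = anomaly needing review
    src_host: str
    indicator: str
    reason: str
    action: str


# Constructed indicator feed: indicator -> campaign label (invented values).
THREAT_FEED: Dict[str, str] = {
    "203.0.113.45": "constructed botnet command-and-control",
    "bad-updates.example.net": "constructed drive-by exploit kit host",
}
# Constructed firewall and proxy records in a simple syslog-like layout.
FIREWALL_LOG = [
    "2010-08-02T09:14:03 fw1 ALLOW src=10.0.5.23 dst=198.51.100.10 dport=443",
    "2010-08-02T09:14:09 fw1 ALLOW src=10.0.5.23 dst=203.0.113.45 dport=8080",
    "2010-08-02T09:14:12 fw1 ALLOW src=10.0.7.8 dst=198.51.100.10 dport=443",
    "2010-08-02T09:14:20 fw1 ALLOW src=10.0.9.40 dst=198.51.100.21 dport=445",
    "2010-08-02T09:14:21 fw1 ALLOW src=10.0.9.40 dst=198.51.100.22 dport=445",
    "2010-08-02T09:14:21 fw1 ALLOW src=10.0.9.40 dst=198.51.100.23 dport=445",
    "2010-08-02T09:14:22 fw1 ALLOW src=10.0.9.40 dst=198.51.100.24 dport=445",
]
PROXY_LOG = [
    "2010-08-02T09:15:00 proxy1 10.0.5.23 GET http://bad-updates.example.net/a.js 200",
    "2010-08-02T09:15:04 proxy1 10.0.7.8 GET http://www.example.com/ 200",
]
# Assumed per-host baseline of distinct destinations per window (constructed).
BASELINE: Dict[str, int] = {"10.0.5.23": 2, "10.0.7.8": 2, "10.0.9.40": 1}
FW_RE = re.compile(r"^(\S+) (\S+) ALLOW src=(\S+) dst=(\S+) dport=\d+$")
PROXY_RE = re.compile(r"^(\S+) (\S+) (\S+) \S+ (\S+) \d+$")


def parse_firewall(lines: List[str]) -> List[Event]:
    """Normalize firewall ALLOW records; non-matching lines are skipped."""
    events = []
    for line in lines:
        m = FW_RE.match(line)
        if m:
            ts, dev, src, dst = m.groups()
            events.append(Event(ts, dev, src, dst))
    return events


def parse_proxy(lines: List[str]) -> List[Event]:
    """Normalize proxy records, reducing the URL to its host name."""
    events = []
    for line in lines:
        m = PROXY_RE.match(line)
        if m:
            ts, dev, src, url = m.groups()
            host = re.sub(r"^https?://", "", url).split("/")[0]
            events.append(Event(ts, dev, src, host))
    return events


def match_indicators(events: List[Event], feed: Dict[str, str]) -> List[Alert]:
    """Priority-1 alerts for any destination present in the indicator feed."""
    return [Alert(1, ev.src_host, ev.dest,
                  f"{ev.source}: contact with known indicator ({feed[ev.dest]})",
                  f"block {ev.dest}")
            for ev in events if ev.dest in feed]


def baseline_anomalies(events: List[Event], baseline: Dict[str, int],
                       factor: int = 3) -> List[Alert]:
    """Priority-2 alerts for hosts contacting more than factor x their usual
    number of distinct destinations (assumed threshold; tune per environment)."""
    seen = defaultdict(set)
    for ev in events:
        seen[ev.src_host].add(ev.dest)
    return [Alert(2, host, "-",
                  f"{len(d)} distinct destinations vs baseline {baseline.get(host, 1)}",
                  "review")
            for host, d in sorted(seen.items()) if len(d) > factor * baseline.get(host, 1)]


def triage(fw_lines, proxy_lines, feed, baseline) -> List[Alert]:
    """Aggregate both sources, match, detect anomalies, de-duplicate and rank."""
    events = parse_firewall(fw_lines) + parse_proxy(proxy_lines)
    alerts = set(match_indicators(events, feed)) | set(baseline_anomalies(events, baseline))
    return sorted(alerts, key=lambda a: (a.priority, a.src_host, a.indicator))


def block_rules(alerts: List[Alert]) -> List[str]:
    """Repeatable policy decision, automated: one deny rule per indicator hit."""
    return sorted({f"deny any -> {a.indicator}" for a in alerts if a.priority == 1})
```

triage(FIREWALL_LOG, PROXY_LOG, THREAT_FEED, BASELINE) returns two priority-1 alerts for the host that reached both indicators and one priority-2 alert for the host that fanned out to four destinations; block_rules turns only the indicator hits into rules and leaves the anomaly for an analyst, which is the separation the text draws between repeatable, automatable decisions and event-driven ones.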

        Advanced threat analytics can be used to create security decision
        workflow and enable predictive modeling to evaluate response
        alternatives or test potential threats and complete risk assessments.
        New processes and procedures to reduce risk can be created with
        the information, enabling the organization to create a security
        environment that evolves as threats evolve. Threat intelligence can
        place the right information in the right hands at the right time for
        optimal response.

        Finally, threat intelligence solutions can support an enterprise's
        regulatory and compliance needs. The collection of security data and
        its analysis, combined with a record of how security breaches are
        handled, creates a log documenting timely monitoring and response,
        a critical component of regulations like HIPAA, GLBA, SOX, PCI, and
        others. Security information and event management is critical to
        providing a consolidated protection profile to security analysts,
        managers, and auditors alike.


Get the Data Hackers Don't Want You to Have
    Enterprises and organizations continue to deploy a vast array of
    security technologies to defend against ever-increasing threats.
    Unfortunately, many of these security products are not integrated
    with a threat intelligence network. To successfully defend against the
    cyber attacks described in this paper, organizations need real-time
    threat intelligence as a critical component of their security strategy.

    Threat intelligence can help enterprises interpret the global threat
    landscape and help apply that information to define appropriate
    security architectures to meet strategic objectives. It also can help
    organizations assess security measures from both technical and
    business perspectives, integrating the array of vulnerability,
    penetration, and threat assessments with a review of policies,
    controls, management, and compliance goals.

    Further, threat intelligence can help organizations continually
    analyze and review network, system, and application architectures
    from a security standpoint to defend against the most business-
    critical, advanced, and persistent threats. Threat intelligence can
    also help IT staff prioritize threats and associated responses by
    providing essential information about where the threats are
    originating and best practices for decision making. By capturing
    information on threats and related incident response, threat
    intelligence can help organizations keep records for compliance and
    for continuous improvement of security measures and policies.

    Threat intelligence is the fastest, most effective approach to helping
    enterprises manage security information. Like traditional business
    intelligence, threat intelligence helps organizations better use data to
    improve business processes — in this case, enterprise security. With
    the increasing number of assaults on enterprises through global
    networks, the Internet, and so forth, combined with the greater
    dependence on data as a competitive advantage, organizations need
    every advantage they can get.




    COPYRIGHT NOTICE

    The analyst opinion, analysis, and research results presented in this
    IDC Executive Brief are drawn directly from the more detailed studies
    published in IDC Continuous Intelligence Services. Any IDC information
    that is to be used in advertising, press releases, or promotional
    materials requires prior written approval from IDC. Contact IDC Go-to-
    Market Services at gms@idc.com or the GMS information line at 508-
    988-7610 to request permission to quote or source IDC or for more
    information on IDC Executive Briefs. Visit www.idc.com to learn more
    about IDC subscription and consulting services or www.idc.com/gms to
    learn more about IDC Go-to-Market Services.

    Copyright 2010 IDC. Reproduction is forbidden unless authorized.



Cyber Theft SolutionsCyber Theft Solutions
Cyber Theft Solutionswbesse
 
Cover Story Commentary
Cover Story CommentaryCover Story Commentary
Cover Story Commentarywbesse
 
Olympic Security
Olympic SecurityOlympic Security
Olympic Securitywbesse
 
Light In The Storm
Light In The StormLight In The Storm
Light In The Stormwbesse
 
Crisis Mgt Presentation
Crisis Mgt PresentationCrisis Mgt Presentation
Crisis Mgt Presentationwbesse
 
Code Of The West
Code Of The WestCode Of The West
Code Of The Westwbesse
 
Interview with Bill Besse
Interview with Bill BesseInterview with Bill Besse
Interview with Bill Bessewbesse
 

Más de wbesse (15)

Berkowitz Smiley Faces[1]
Berkowitz Smiley Faces[1]Berkowitz Smiley Faces[1]
Berkowitz Smiley Faces[1]
 
Stalker
StalkerStalker
Stalker
 
CSO Magazine
CSO MagazineCSO Magazine
CSO Magazine
 
Loughner, Jared Hw
Loughner, Jared HwLoughner, Jared Hw
Loughner, Jared Hw
 
Laughlen X[1]
Laughlen X[1]Laughlen X[1]
Laughlen X[1]
 
Col. Russel Williams Handwriting
Col. Russel Williams HandwritingCol. Russel Williams Handwriting
Col. Russel Williams Handwriting
 
Planning for & Recovery From Disasters
Planning for & Recovery From DisastersPlanning for & Recovery From Disasters
Planning for & Recovery From Disasters
 
Monterrey Mexico Security
Monterrey Mexico SecurityMonterrey Mexico Security
Monterrey Mexico Security
 
Cyber Theft Solutions
Cyber Theft SolutionsCyber Theft Solutions
Cyber Theft Solutions
 
Cover Story Commentary
Cover Story CommentaryCover Story Commentary
Cover Story Commentary
 
Olympic Security
Olympic SecurityOlympic Security
Olympic Security
 
Light In The Storm
Light In The StormLight In The Storm
Light In The Storm
 
Crisis Mgt Presentation
Crisis Mgt PresentationCrisis Mgt Presentation
Crisis Mgt Presentation
 
Code Of The West
Code Of The WestCode Of The West
Code Of The West
 
Interview with Bill Besse
Interview with Bill BesseInterview with Bill Besse
Interview with Bill Besse
 

Protective Intelligence

IDC EXECUTIVE BRIEF

Proactive Intelligence Gathering for Enterprise Protection

August 2010

Adapted from Worldwide IT Security Products 2009–2013 Forecast and 2008 Vendor Shares: Comprehensive Security Product Review by Brian E. Burke, Sally Hudson, Charles J. Kolodgy, et al., IDC #221351

Sponsored by Symantec

Stay Ahead of Internet Threats to Protect Business-Critical Information

Staying ahead of security threats will protect enterprise information and infrastructure from falling victim to a cyber attack or data breach. However, instead of leveraging a threat intelligence network, many organizations rely on multiple security products to receive notifications of new threats and of vulnerabilities in their systems. Not every security product is integrated with a threat intelligence network, and in today's mobile environment just one exposed confidential asset or record could compromise a business. This Executive Brief provides an overview of a more effective way to manage security through the integration and analysis of the global threat landscape.

Cyber Attacks Narrow Their Focus

The need for corporate security has never been greater. The amount of digital data — powered by globalization, Web access, new techniques for data gathering and analysis, digital communications, conversion from paper to digital processes, and increased regulatory and legal requirements — continues to increase exponentially.

The increasing use of corporate email, Web email, instant messaging (IM), peer to peer (P2P), and other channels for distributing data, along with the proliferation of mobile devices that allow employees to carry sensitive information outside the organization's boundaries, makes securing information a substantial challenge. In addition, the digital threat environment is rapidly changing — in the motives of malware writers as well as in the vulnerabilities they are targeting.

A growing number of malicious programs exploit security weaknesses in Web browsers. An infected Web page, for example, can compromise a visitor's computer remotely without the visitor having to click on any link, a so-called "drive-by" attack.

As a result, security concerns are at an all-time high among organizations seeking protection from a rash of spyware, Trojan horses, worms, and other Web traffic–borne menaces. Newer applications such as voice and storage networks, and emerging technologies such as VoIP and XML, continue to create new requirements for protection.

Current economic conditions notwithstanding, the security market continues to grow. IDC forecasts that this market will reach $37.8 billion in 2013, representing a compound annual growth rate of 9%. IDC sees the following three key trends driving the IT security market:

• The largest security threat to enterprises lies within the network. With access to a significant portion of enterprise resources, insiders — including current and past employees, temporary workers, partners, and customers — may take advantage of the organization's lack of security awareness to gain access to enterprise data. Most companies do not have visibility into who is accessing what in the network until after a breach has happened. Breaches continue to be caused either by a disgruntled or soon-to-leave employee or by an outsider who compromises an internal user's rights to reach intellectual property and other data. There are numerous instances of individuals causing deliberate harm, leaking confidential information about employees and customers as well as enterprise data, or damaging enterprise resources.

• External hackers are exploiting insider ignorance. Social engineering threats like spyware, phishing, and pharming gain entry into the enterprise through the ignorance of insiders. It is commonly recognized that enterprise security is only as strong as its weakest link. Through blended attacks that use multiple methods, external attackers find that user ignorance is the simplest route to enterprise data and resources.

Further, as financial gain takes precedence over other motives, attacks are consolidating into organized crime. Using the trust users have established with colleagues and acquaintances, attackers begin by compromising insider targets and then, through those contacts, extend the attack to other users. Examples include phishing attacks via social networking sites, instant messaging, and hosted email services; targeted emails to executives; and spam tied to global events. In targeting users, attackers use publicly available vulnerability information and freely available rootkits, launching small attacks that change patterns rapidly to escape traditional security radars. In addition, hackers typically use multiple methods to reach the insider, necessitating the deployment of multiple security solutions. Deploying multiple solutions comes at a high cost and brings with it the risk of security mismanagement because of the complexity of operating them. Further, traditional security solutions, which rely on the magnitude of an attack to detect it, are likely to fall short. Proactive security based on real-time global events — i.e., threat intelligence — is necessary to meet these threats.

• Regulatory compliance continues to add even greater pressure to protect sensitive data and to document those security measures. Given the magnitude of threats to employee, customer, and corporate data, regulations like HIPAA, GLBA, SOX, PCI, and others are forcing enterprises to undertake security measures that control the access and activity of users. Faced with penalties in case of noncompliance or loss of reputation in case of data loss, enterprises are under pressure to implement compliance measures. Compliance regulations are forcing organizations to adopt more network access controls with increased levels of network monitoring and reporting. The volume of information produced by existing systems is fast becoming too confusing and too much to handle for policy enforcers and auditors.

Organizations Can No Longer Ignore Blind Spots

As a result of the trends above, enterprises and organizations are deploying a myriad of security technologies to defend against ever-increasing threats. But all of these security products add complexity to the security infrastructure. To manage the growth in security, organizations are turning to security and vulnerability management (SVM) solutions to provide them with the intelligence to make security more effective as well as to document their efforts for compliance. This is why the SVM market continues to grow at double-digit rates; IDC predicts that it will exceed $4.4 billion in 2013.

The security and vulnerability management market encompasses two separate but symbiotic segments — security management and vulnerability assessment. These two markets can stand alone, but they also overlap considerably in how enterprises use them.

• Security management products consist of tools that give organizations the ability to create security policy that drives both business and security initiatives, allow for measurement and reporting of the security posture, and, ultimately, provide methods for correcting security shortcomings. These tools include the following:

  • Proactive endpoint risk management (PERM) solutions automate or semiautomate the enforcement of security policy and configuration management on endpoints.

  • Forensics and incident investigation solutions capture and store real-time network and device data and identify how business assets are affected by network exploits, internal data theft, and security or HR policy violations.

  • Policy and compliance solutions enable organizations to create, measure, and report on security policy and regulatory compliance.

  • Security information and event management (SIEM) solutions include software designed to aggregate data from multiple sources to identify patterns of events that might signify attacks, intrusions, misuse, or failure.

  • Security systems and configuration management (SSCM) solutions are primarily systems management products that monitor and report on the status of perimeter security products.

• Vulnerability assessment (VA) products, on the other hand, are batch-level solutions that scan servers, workstations, other devices, and applications to uncover security vulnerabilities. The scan results are compared with a database of known security holes (vulnerabilities) to determine the threat status of the device or application. More sophisticated VA products can test for unknown vulnerabilities by mimicking common attack profiles to see whether a device or an application can be penetrated. For example, penetration testing is an advanced capability that allows organizations to safely exploit vulnerabilities, replicating the kinds of access an intruder could achieve and providing the actual attack paths that must be eliminated. Penetration testing, when used in conjunction with vulnerability scanning, reduces the number of false positives. Vulnerability assessment products include the following:

  • Device vulnerability assessment products that use either network- or host-based scanners to look into a device and determine its security vulnerabilities

  • Application scanners that test the robustness of an application or software to resist attacks — both specific attacks and attacks based on general hacking techniques

Threat Intelligence: Identify High-Priority Threats

Managing cyber attacks is like securing a border between two large countries. It is not physically possible to secure the entire border, just as it is impossible to secure an enterprise network at every entrance point or user interface.
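The core step of the vulnerability assessment products described in the Organizations Can No Longer Ignore Blind Spots section, comparing scan results against a database of known vulnerabilities, looks like this in practice. This is an added example in Python, not code from IDC or Symantec: the host inventory, the advisory database, its ADV-* identifiers and the version ranges are all constructed, and the version-comparison scheme (dotted numbers followed by an optional letter suffix) is an assumption of the example.

```python
"""Vulnerability assessment as version matching against a known-vulnerability database.

Added example, not IDC's or Symantec's code. The inventory, the advisory
database, the ADV-* identifiers and the version ranges are constructed for
illustration; the version-comparison scheme (dotted numbers, then an optional
letter suffix such as OpenSSL's 0.9.8n) is an assumption of this example.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Advisory:
    advisory_id: str   # constructed identifier, not a real CVE
    product: str
    introduced: str    # first affected version (inclusive)
    fixed: str         # first fixed version (exclusive); "" means no fix yet
    severity: str      # critical / high / medium / low


def parse_version(version: str) -> tuple:
    """Split '0.9.8n' into ((0,''), (9,''), (8,'n')) so that 2.10 sorts after 2.9."""
    parts = []
    for piece in re.split(r"[.\-]", version):
        m = re.match(r"(\d+)(.*)", piece)
        parts.append((int(m.group(1)), m.group(2)) if m else (0, piece))
    return tuple(parts)


def is_affected(version: str, adv: Advisory) -> bool:
    """True when version lies in [introduced, fixed); an empty fixed bound is open-ended."""
    v = parse_version(version)
    if v < parse_version(adv.introduced):
        return False
    if adv.fixed and v >= parse_version(adv.fixed):
        return False
    return True


def assess(inventory, vuln_db):
    """One finding per (host, product, advisory) match, most severe first."""
    rank = {"critical": 0, "high": 1, "medium": 2, "low": 3}
    findings = []
    for host, product, version in inventory:
        for adv in vuln_db:
            if adv.product == product and is_affected(version, adv):
                findings.append({"host": host, "product": product, "version": version,
                                 "advisory": adv.advisory_id, "severity": adv.severity,
                                 "fix": adv.fixed or "none available"})
    findings.sort(key=lambda f: (rank[f["severity"]], f["host"], f["product"]))
    return findings


# Constructed known-vulnerability database (not real advisories).
VULN_DB = [
    Advisory("ADV-2010-001", "httpd", "2.2.0", "2.2.15", "high"),
    Advisory("ADV-2010-002", "openssl", "0.9.8", "0.9.8n", "critical"),
    Advisory("ADV-2010-003", "php", "5.2.0", "", "medium"),
]

# Constructed scan output: (host, product, version) as a scanner would report it.
INVENTORY = [
    ("web01", "httpd", "2.2.14"),     # inside the affected range
    ("web01", "openssl", "0.9.8n"),   # exactly the fixed version: clean
    ("web02", "httpd", "2.2.15"),     # fixed
    ("web02", "php", "5.3.2"),        # affected, and no fixed version exists
    ("db01", "openssl", "0.9.8k"),    # affected
    ("db01", "openssl", "1.0.0"),     # newer branch, outside the range
]

if __name__ == "__main__":
    for f in assess(INVENTORY, VULN_DB):
        print(f"{f['severity']:8} {f['host']:6} {f['product']} {f['version']} "
              f"-> {f['advisory']} (fix: {f['fix']})")
```

Version matching is exactly where the false positives the brief mentions come from: a distribution that backports a fix into package version 2.2.14 still reports 2.2.14 to the scanner and is flagged, which is why the result needs validation by a credentialed check or a penetration test before anyone is paged.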
The key to success is using real-time, global event intelligence to target logical attack points or to create alerts when abnormal activity occurs. The goal of threat intelligence is to help IT analyze and, therefore, prioritize and better handle cyber security threats. Security products with threat intelligence help IT sort through the vast amount of information generated about user access, network traffic, database access, and application use to isolate actual or potential threats. This enables IT to focus on either solving security problems as they occur or preventing them based on historical data captured by security tools. Threat intelligence is based on a simple principle: "If you don't know what's out there, how do you know what to watch for?"

If security products are integrated with a global intelligence network, then when a malicious attack is affecting companies or consumers around the world, IT managers know about it before it hits their enterprise. These products can block the attack or recommend how to protect against it to keep it from affecting the business. Just as business intelligence tools can be set to find specific points of information in huge volumes of data, products integrated with threat intelligence can be set to identify vulnerabilities across application, network, and data access and use. Similarly, threat intelligence solutions can be linked with databases of known threats to automate the updating of security tools such as firewalls and antivirus software. In addition, exceptions to normal usage patterns, often a sign of new attacks or new types of attack, can be flagged for further analysis by the software or an administrator.

A major advantage of threat intelligence is that it increases the efficiency of IT security staff. By identifying high-priority threats, staff can focus on real problems instead of on false alarms or on issues that can typically be handled by software tools already in place. In addition, threat intelligence brings the concept of intelligent process automation to enterprise security. Intelligent process automation, deployed through business intelligence tools, uses information to link complex business operations and processes. From a security standpoint, threat intelligence automates the links between the information generated by security solutions and associated management tools and the organization's business goals and processes. With threat intelligence, repeatable decisions, such as virus prevention, can be automated according to preset policies.
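The mechanisms described above (matching events against a database of known threats, pushing confident indicators to the firewall under a preset policy, flagging exceptions to normal usage, and the SIEM pattern of aggregating several sources so that one host's activity is seen as one incident) can be shown end to end on a handful of log lines. This is an added example in Python, not IDC's or Symantec's code: the indicator feed, both log formats, the sensor names, the campaign labels and every address (drawn from the documentation ranges) are constructed, and the 50-point confidence threshold and the 07:00 to 19:59 working-hours baseline stand in for an organization's own policy.

```python
"""Threat-intelligence correlation over events from two log sources.

Added example, not IDC's or Symantec's code. The indicator feed, both log
formats, the sensor names, the campaign labels and every address (taken from
the 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24 documentation ranges) are
constructed. The 50-point confidence threshold and the 07:00-19:59 working-hours
baseline stand in for an organization's preset policy.
"""
import re
from collections import defaultdict

# Constructed indicator feed: (indicator, type, confidence 0-100, campaign).
IOC_FEED = [
    ("203.0.113.7", "ip", 95, "banker-c2"),
    ("198.51.100.200", "ip", 40, "scanner"),
    ("update-check.example", "domain", 90, "banker-c2"),
]

# Constructed log lines in two different native formats.
FIREWALL_LOG = """\
2010-08-02T09:14:03Z fw01 ACCEPT src=192.0.2.10 dst=203.0.113.7 dport=443
2010-08-02T09:14:05Z fw01 ACCEPT src=192.0.2.11 dst=198.51.100.9 dport=80
2010-08-02T02:31:40Z fw01 ACCEPT src=192.0.2.12 dst=198.51.100.200 dport=22
"""
PROXY_LOG = """\
2010-08-02T09:14:03Z proxy01 192.0.2.10 GET http://update-check.example/cfg.bin 200
2010-08-02T09:15:11Z proxy01 192.0.2.11 GET http://www.example.com/ 200
"""

FW_RE = re.compile(r"^(?P<ts>\S+) (?P<sensor>\S+) (?P<action>\S+) "
                   r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$")
PX_RE = re.compile(r"^(?P<ts>\S+) (?P<sensor>\S+) (?P<src>\S+) "
                   r"(?P<method>\S+) (?P<url>\S+) (?P<status>\d+)$")


def normalize(firewall_text: str, proxy_text: str) -> list:
    """Reduce both sources to one event shape: time, internal host, external indicator."""
    events = []
    for line in firewall_text.splitlines():
        m = FW_RE.match(line)
        if m:
            events.append({"ts": m["ts"], "sensor": m["sensor"], "src": m["src"],
                           "indicator": m["dst"], "kind": "ip",
                           "detail": "dport=" + m["dport"]})
    for line in proxy_text.splitlines():
        m = PX_RE.match(line)
        if m:
            host = re.match(r"https?://([^/]+)", m["url"]).group(1)
            events.append({"ts": m["ts"], "sensor": m["sensor"], "src": m["src"],
                           "indicator": host, "kind": "domain", "detail": m["url"]})
    return events


def match_iocs(events: list, feed: list, min_confidence: int = 50) -> list:
    """Join events against the feed; weak indicators are kept but routed to triage, not blocked."""
    index = {(ind, kind): (conf, label) for ind, kind, conf, label in feed}
    hits = []
    for ev in events:
        found = index.get((ev["indicator"], ev["kind"]))
        if found:
            conf, label = found
            hits.append({**ev, "confidence": conf, "campaign": label,
                         "priority": "block" if conf >= min_confidence else "triage"})
    return hits


def correlate_by_host(hits: list) -> dict:
    """SIEM-style grouping: one workstation seen on two sources' indicators is one incident."""
    by_host = defaultdict(list)
    for h in hits:
        by_host[h["src"]].append(h)
    return dict(by_host)


def firewall_blocklist(feed: list, min_confidence: int = 50) -> list:
    """IP indicators confident enough to push to the firewall under the preset policy."""
    return sorted(ind for ind, kind, conf, _ in feed if kind == "ip" and conf >= min_confidence)


def outside_baseline(events: list, work_hours=range(7, 20)) -> list:
    """Exceptions to normal usage: outbound connections outside the assumed working-hours baseline."""
    return [ev for ev in events if int(ev["ts"][11:13]) not in work_hours]


if __name__ == "__main__":
    events = normalize(FIREWALL_LOG, PROXY_LOG)
    for host, hs in correlate_by_host(match_iocs(events, IOC_FEED)).items():
        print(host, [(h["indicator"], h["campaign"], h["priority"]) for h in hs])
    print("push to firewall:", firewall_blocklist(IOC_FEED))
    print("off-hours:", [(e["src"], e["indicator"], e["ts"]) for e in outside_baseline(events)])
```

Two design points matter here. First, only indicators above the confidence threshold become automatic firewall entries; a 40-point "scanner" hit is still surfaced, but to an analyst, because auto-blocking on low-confidence feed data is how an intelligence integration starts breaking legitimate traffic. Second, the correlation step is what makes the SIEM claim concrete: the same workstation contacting a C2 address on the firewall log and a C2 domain on the proxy log is one incident with two pieces of evidence, not two unrelated alerts.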
Similarly, threat intelligence tools using transaction monitoring or continuous data integration combined with user profiling can speed up decision making for event-driven security issues, such as internal or external attacks. Advanced threat analytics can be used to create security decision workflows and to enable predictive modeling that evaluates response alternatives, tests potential threats, and completes risk assessments. New processes and procedures to reduce risk can be created from this information, enabling the organization to build a security environment that evolves as threats evolve. Threat intelligence can place the right information in the right hands at the right time for an optimal response.

Finally, threat intelligence solutions can support an enterprise's regulatory and compliance needs. The collection and analysis of security data, combined with a record of how security breaches are handled, creates a log documenting timely monitoring and response, a critical component of regulations like HIPAA, GLBA, SOX, PCI, and others. Security information and event management is critical to providing a consolidated protection profile to security analysts, managers, and auditors alike.
Get the Data Hackers Don't Want You to Have

Enterprises and organizations continue to deploy a vast array of security technologies to defend against ever-increasing threats. Unfortunately, many of these security products are not integrated with a threat intelligence network. To successfully defend against the cyber attacks described in this paper, organizations need real-time threat intelligence as a critical component of their security strategy.

Threat intelligence can help enterprises interpret the global threat landscape and apply that information to define appropriate security architectures that meet strategic objectives. It can also help organizations assess security measures from both technical and business perspectives, integrating the array of vulnerability, penetration, and threat assessments with a review of policies, controls, management, and compliance goals. Further, threat intelligence can help organizations continually analyze and review network, system, and application architectures from a security standpoint to defend against the most business-critical, advanced, and persistent threats.

Threat intelligence can also help IT staff prioritize threats and the associated responses by providing essential information about where the threats originate and best practices for decision making. By capturing information on threats and the related incident response, threat intelligence can help organizations keep records for compliance and for continuous improvement of security measures and policies.

Threat intelligence is the fastest, most effective approach to helping enterprises manage security information. Like traditional business intelligence, threat intelligence helps organizations make better use of data to improve business processes — in this case, enterprise security.

With the increasing number of assaults on enterprises through global networks, the Internet, and so forth, combined with the greater dependence on data as a competitive advantage, organizations need every advantage they can get.

COPYRIGHT NOTICE

The analyst opinion, analysis, and research results presented in this IDC Executive Brief are drawn directly from the more detailed studies published in IDC Continuous Intelligence Services. Any IDC information that is to be used in advertising, press releases, or promotional materials requires prior written approval from IDC. Contact IDC Go-to-Market Services at gms@idc.com or the GMS information line at 508-988-7610 to request permission to quote or source IDC or for more information on IDC Executive Briefs. Visit www.idc.com to learn more about IDC subscription and consulting services or www.idc.com/gms to learn more about IDC Go-to-Market Services.

Copyright 2010 IDC. Reproduction is forbidden unless authorized.