It was IT's dirty secret: Spending millions of dollars on security products such as firewalls, antivirus and intrusion detection bought companies little more than ticks in an auditor's checkboxes. Greg Shipley, a respected security consultancy CTO, laid that secret bare in a parting manifesto before joining In-Q-Tel to help the U.S. government spot innovative tech startups. The result: our cover story titled "Epic Fail." Some vendors cried foul, but Greg backed up his thesis with extensive testing of five major antivirus suites that showed detection rates of no better than 30%. His message that you can't buy security came with an action plan. Spend on controls in line with threats. Get realistic about detection. Reward innovative vendors. Know when tech isn't the answer. Since then, the strategy of focusing on risk, process and awareness training has caught on.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.