SUNNYVALE, CA — (Marketwire) — 12/20/11 — ® Inc., the leading independent provider of Security and Operational Risk Management solutions for Governance, Risk, and Compliance (GRC) programs, today unveiled its Information Technology (IT) security predictions for the coming year. These predictions are based on the company-s engagement with Global 2000 companies, government agencies, fellow security vendors, industry analysts and security consultants, as well as market research it conducts on a regular basis.
Topping the list is Agiliance-s prediction that organizations will recognize that risk is security-s new compliance. A risk-based approach and holistic view of the organization-s IT infrastructure will be driven by further consumerization of IT, challenges related to social media as an instrument in cyber warfare, stricter enforcement and new legislation focused on data protection, threat information sharing, and incident disclosure, as well as the emerging need to assess cloud service providers- ability to enforce security policies and continuously maintain an adequate compliance posture.
“For many years, complying with government standards and industry regulations has been seen as a check box in the lengthy list of IT security tasks,” said Torsten George, vice president of worldwide marketing at Agiliance. “In 2012, we will see progressive organizations applying a risk-based, continuous approach to security. By doing so, they will be able to make risk visible, measurable, and actionable.”
Specifically, Agiliance expects dramatic changes in the following areas:
New products and services will emerge that deal with the necessary delineation of employer-owned versus employee-owned data on mobile devices. These products will go beyond anti-virus and malware software to deal with embedded strong authentication, secure mobile operating systems scanners, mobile operating system vulnerability scanning, and data segregation / encryption. For social media threats, existing security tools- capabilities will be extended to cover monitoring of social media networks to tackle the emergency of social media cyber warfare.
Agiliance predicts an acceleration of efforts to create standards around cloud security, primarily driven by the data consolidation efforts of the U.S. government as well as wide-ranging support of the Cloud Security Alliance. Independent, continuous monitoring of cloud service providers- security controls will become a standard part of service level agreements.
Agiliance predicts that, in the second half of 2012, a government mandate will be passed that will propagate the implementation of a pro-active Information Security Risk Management system and related best practices to tackle cyber security threats. Similar to stricter enforcement policies of the HiTech Act by the HHS, regulations penalty cases will surge in 2012. Furthermore, privacy audit is becoming a major driver behind security tool investments as organizations are coming up short on audits relating to data breaches, disclosure notifications, data handling, attribution, and incident closure.
Sharing of sensitive threat information will become essential to prevent widespread cyber attacks across different verticals and industries. Nowadays, cyber criminals are coordinating their efforts and are well-versed in sharing vulnerabilities and attack methodologies. They even have their own online communities where they exchange information. This is unmatched by the commercial sector and government agencies. As a result, Agiliance predicts that the increase in cyber security attacks and data breaches will lead to the introduction of a formal information sharing database that will be made accessible to a broader group.
With more than 365 security incidents reported this year to date, affecting over 126 million records, cyber security attacks have become a mainstream event in the industry. Based on these changes, Agiliance predicts further increase in demand for software tools that are able to aggregate data from existing security tools and information management applications to make risk visible, measurable, and actionable. These tools will not only provide advanced reporting capabilities, but interconnectivity to ensure that remediation actions can be triggered and followed through easily. To better describe the capabilities of these tools, analysts will create a new software category called Security Risk Management.
For the in-depth predictions, data, and accompanying graphics, please see Agiliance-s 2012 IT Security Predictions: .
Agiliance, founded in late 2005, is the leading independent provider of Security and Operational Risk Management solutions for Governance, Risk, and Compliance (GRC) programs. Delivered on-demand or on-premise, Agiliance GRC technology minimizes manual auditing through scalable automation to enable closed-loop risk management and continuous compliance. Agiliance customers use real-time risk analysis to optimize business performance and make better investment decisions. Unlike legacy offerings that can take nearly a year to deploy, Agiliance-s Global 2000 and public sector customers deploying the Agiliance RiskVision platform achieve demonstrable value within 30 days on-demand, and within 90 days on-premise, made possible by Agiliance-s extensive library of technology integrations and GRC content. Agiliance RiskVision scales with businesses, effectively managing data, assets, people and processes to achieve 100 percent risk and compliance coverage. For more information, please visit .
Samantha Sok or Lauren Connelly
Schwartz MSL for Agiliance, Inc.
T +1 415.512.0770
You must be logged in to post a comment Login