Preventive Approach in Security Assurance

Preventive Approach in Security Assurance

Risk intellectual management is crucial in conditions of the modern complicated information security infrastructure.
Today HP has published the research whose results reveal that the preventive approach to security assurance using intellectual risk reducing tools is becoming more and more demanded.
According to the global research, carried out by Coleman Parkes Research on request of HP, companies are using the preventive approach to security assurance more and more, paying more attention to such aspects as strategy, management and analysis. Almost three quarters (71%) of interviewed companies’ leaders said security specialists head-to-head take part in management meetings. Moreover, one can also observe the growth in using analysis methods: 82% stated that they studied a possibility of implementing security information and event management solutions.
However, the results of the research show that the security measures applied post factum are paid more attention to than preventive ones which are more important. In particular, more than 50% of respondents said they spent more time and money on fixing the problem rather than on preventive measures. Only 45% of respondents have information risk management strategies and 53% make manual reports or don’t do any relevant evaluation, which significantly decreases the readiness to danger protection.
According to the respondents’ opinions, corporate security management is complicated by the appearance of the following IT-tendencies:

  • mobility – more than 73% of the respondents complained about the difficulty in organizing the centralized management of mobile devices; more than 51% consider that due to mobile device expansion the threat of stealing or losing data has increased;
  • Big Data – about 66% informed about the problems connected with big data protection and usage;
  • Identification management – among the most complicated tasks involving identification management, data protection and identity governance were named;
  • Security incidents happened at work with printers – although data security is one of the main tasks of any company, 68% of the respondents don’t have any solutions which ensure the protection of output devices. As a result, penetration into the corporate network by means of using the vulnerabilities of printer’s software and an unauthorized access to printed documents is possible.

With the appearance of numerous technical innovations, threats are becoming more and more complicated, constant and unpredictable. In order to cope with them, companies have to implement the preventive and consistent approach to information risk management. Intellectual security solutions from HP help analyze, transform and optimize security environments and manage them with the aim of protecting the most valuable company’s assets.
Methodology
The research was carried out by the company Coleman Parkes Research on request of HP. More than 550 leaders of big and middle-sized companies and their technical divisions were interviewed. The research was carried out by phone in July 2012. The questionnaire embraced the following regions: North America (USA and Canada), Europe and Middle East, Asian and Pacific Region, and Latin America.