Stories about: Forrester Research

If there is a Holy Grail in the information security industry, it surely is the answer to the question, "How secure is secure enough?"

Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care.

Web-based e-mail is booming. Services such as Gmail, Yahoo Mail and Hotmail are convenient, accessible and, best of all, free. Many of us have come to rely on them without giving it a second thought.

There are lots of ways business networks can be compromised, and more are developing all the time. They range from technology exploits to social engineering attacks, and all can compromise corporate data, reputation and the ability to conduct business effectively.

As enterprises seek out ways to reduce IT costs, optimize resources and improve operational efficiencies, three technology trends have started to dominate: virtualization, service-oriented architecture and mobility. More promising yet is the intertwining of these unique technologies.

Today's CISO plays a pivotal role not only in defining technical standards and security policies, but also in assuring customers of the security of their data and validating security controls to regulators. Many are struggling with this transition because they have been given these responsibilities without any real authority or visibility within their organizations. They also need a new set of skills to successfully fulfill their responsibilities.

In the past, most enterprises defined a disaster as an act of nature--a hurricane, tornado, flood or fire that wipes out their ability to conduct business as usual. Today, with worldwide networks, 24/7 customer call centers and Web applications, a common electrical failure could spell disaster when communication is interrupted in the supply chain, online transactions are halted or networks are down. Online resource Dictionary.com has even added "business failure" to the list of calamitous events that define a disaster.

IBM is aggressively expanding its security portfolio in hopes of becoming the de facto source of advice and technology for businesses looking to adopt high-level IT governance and risk management strategies -- a transformation among customers that officials at Big Blue cite as both ongoing and inevitable.

How bad was 2007 for breaches, vulnerabilities and similar mayhem? On the bright side, it was better than 2008 is forecast to be. With more of every sort of meltdown predicted -- more criminalization of the hacker community, more Web-application attacks, more phishing, more spamming, more zero-day attacks and more virtualization-related threats -- we're happy to tell you that you are likely to look back on 2007 as the peaceful old days.

Faced with looming regulations such as the Health Insurance Portability and Accountability Act and the Sarbanes-Oxley Act, Craig Shumard, chief information security officer for healthcare provider Cigna, knew he needed better tools for role-based access control.

Windows XP, Microsoft's most popular operating system, sports the same encryption flaws that Israeli researchers recently disclosed in Windows 2000, Microsoft officials confirmed late Tuesday.