Security in the Australian Market

IDC's marina Beale reports on the findings from the 2010 IDC Security Software Survey

Operating in a hyper-connected world, the major concern that is foremost on the CIO's priority list is security. The emergence of convergence technologies, mobility and new delivery models like cloud has only further spurred the growth in security.

Notably, spending on security during the GFC was not compromised and is unlikely to happen going forward.

In 2010 there was a spate of security breaches in which customer data was exposed in a spectacular way. There was of course the infamous Vodafone breach and St George bank's breach of customer accounts, as well as unauthorised access by Medicare staff to client records. All of which, no doubt, will have proven to be costly to organisations. It is hardly surprising that the focus for companies will be on protecting and preventing data leakage. A survey undertaken by IDC in 2010 indicates data leakage and protection is the number one concern for IT managers.

What we will see this year and next is a greater emphasis on securing the Web, Cloud, business processes, endpoints and an increasing focus on the mobile enterprise, all of which will drive spending in data leakage prevention, compliance, messaging/Web security,end point security and encryption.

The Web environment will be of particular focus; the rate of change in the realm of the Web makes it difficult to stay up to date. The attack method of choice for online criminals is now a combination of spam with embedded URLs which link to amorphous “Cloud-based” criminal sites that push malware down from the Web onto victim's PCs and likely, in the near future, mobile devices. Millions of new Web URLs are created every day solely for the purposes of infecting unknowing Web end users with Trojans and malware or to pull them into other types of social engineering schemes.

The Web is a complex dimension and IT operations departments are beginning to understand that it is critical to treat it differently. Keeping up with the Web environment, however is challenging — which is why we are likely to see the use of more SaaS-based security solutions, this year and going forward.

Collaborative applications

Collaborative applications and technology will drive enterprise security.As a result we will see Web security technology become an increasingly critical component to an enterprise's security infrastructure as more enterprise business processes move to Web-based applications and Web 2.0-based collaboration tools proliferate among end users. As always, the “baddies” are using the same technology as the “goodies” and in some cases a lot better! At the moment they are capitalising on Cloud Cloudbased technology, scalable, inexpensive, on demand, and widely distributed computing platforms.

Revived interest in network security

Network security has seen a revived and renewed interest in UTMs, IPS,and content management appliances. This is largely due to securing the private Cloud on premise in the customer environment and the service provider's data center.

Ultimately, it would be untenable to consider cyber security separately from business operations, especially in a hyper-connected enterprise. The cyber world and business operations are converging and this will need to be reflected in a sound security framework, which includes business processes as well as covering Cloud, Web environments and mobile communication environments.

By Marina Beale Marina Beale is IT Services and Software Research Manager with IDC's Services and Software Research Group, based in Sydney,Australia. She is responsible for IDC’s IT services and software research, with a strong focus on security in Australia. Part of the research is to track and to provide insight and analysis into these markets, as well as identify changes and emerging trends.

Join the CSO newsletter!

Error: Please check your email address.

Tags IDC Security software surveynetwork securityIDC ResearchIDCsecuritycollaborative appsCloudbreaches

More about etworkIDC AustraliaIPSVodafone

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by CSO staff

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place