 |
 Back to 2005 Press Releases
|
Gartner Says Organizations Can Spend Less on Security and Be More Secure |
|
| Analysts Explain How Enterprises Can Save Money While Still Maintaining a Secure Environment During Gartner Symposium/ITxpo, October 17 - 21, in Orlando |
ORLANDO, Fla., October 19, 2005 - When multiple market, technology and organizational forces existing today are combined, they can lower the overall cost of information security while enabling enterprises to improve their overall security profile, according to Gartner, Inc.
By 2010, as these elements for increased efficiency continue to evolve, only 1-in-10 new emerging security threats will require the deployment of a tactical, best-of-breed solution, compared with 8-in-10 in 2005. Gartner analysts discussed the outlook for security spending at Gartner Symposium/ITxpo, which is taking place here, October 17 through 21.
Consolidation and convergence of security functions onto security platforms will have the greatest effect in terms of overall cost reduction over time. However, technology is only part of the story. Collectively, the ongoing improvements in process discipline of the IT organization will be the second largest contributor to spending less and being more secure.
"As information security threats and technologies for dealing with them mature, these activities should be turned over to the operations side of the IT organization," said John Pescatore, vice president and distinguished analyst at Gartner. "An information security organization should be focused on new emerging threats and technologies. This requires the information security team to 'let go' of the more routine, mundane threat protection technologies and focus on what they do best - effectively addressing new threats."
"To get more secure and spend less, enterprises should focus on process, not products," said Neil MacDonald, vice president and distinguished analyst at Gartner. "Businesses should increase the efficiency of the security program either by reducing the percentage of revenue that goes toward security spending or increasing the amount of protection from established security spending levels and also increase the effectiveness of the security program, reducing the number of successful incidents or providing security controls that don't interfere with business missions."
Just as business processes are key to the success of the business, defining the security processes is key to securing the business. Four security processes - network access control, intrusion prevention, vulnerability management and ID/access management - and the interfaces between them are the best approach to improving security effectiveness and efficiency.
"The rest of the business is moving to a process-focused discipline of measurement and management, why shouldn't we expect the same from information security?" Mr. MacDonald said. "When new threats emerge, have your processes defined and map solutions to this as necessary. This discipline helps to avoid different groups duplicating efforts and purchasing point solutions for each new threat."
About Gartner Symposium/ITxpo
Gartner Symposium/ITxpo is the IT industry's largest and most strategic conference, providing business leaders with a look at the future of IT. For more than 10,000 IT professionals from the world's leading enterprises, Gartner's annual Symposium/ITxpo events are key components of their annual planning efforts. Attendees rely on Gartner Symposium/ITxpo to gain insight into how their organizations can use technology to address business challenges and improve operational efficiency.
In Orlando, an integral part of the Gartner Symposium is the ITxpo showfloor, where more than 190 technology companies are showcasing the latest technology solutions. There are 11 ITxpo marketplaces, including mobile and wireless, business intelligence and data warehousing, outsourcing and IT services and security. ITxpo marketplaces are focused areas designed to aggregate solution providers into a specific market and link conference topics to market solutions. Attendees can attend technology company presentations and schedule face to face meetings with exhibitors of their choice. For more information, please visit www.gartner.com/symposium/us.
CONTACT:.
Christy Pettey .
(408) 468-8312.
christy.pettey@gartner.com
|
About Gartner:
Gartner, Inc. (NYSE: IT) is the leading provider of research and analysis on the global information technology industry. Gartner serves more than 9,000 clients, including chief information officers and other senior IT executives in corporations and government agencies, as well as technology companies and the investment community. The Company focuses on delivering objective, in-depth analysis and actionable advice to enable clients to make more informed business and technology decisions. The Company's businesses consist of Research and Events for IT professionals; Gartner Executive Programs, membership programs and peer networking services; and Gartner Consulting, customized engagements with a specific emphasis on outsourcing and IT management. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, and has more than 3,900 associates, including more than 1,200 research analysts and consultants, in more than 75 countries worldwide. For more information,
visit www.gartner.com.
|
|
|
|
|
