As just about anybody reading the security trades knows, last week Heartland Payment Systems reported that it had suffered a serious security breach. As I understand it from public reports, a malicious party planted a piece of designer malware on a key server, and was then able to "sniff" credit card numbers as they passed through. Estimates vary widely about the extent of the breach. Certainly, SB 1386 and other disclosure laws will ensure that something resembling the truth will emerge sooner or later.
Clearly, this particular incident is a serious one. Various observers have used this incident to take issue with Heartland, the PCI DSS, their auditors and more generally the process for certifying QSAs. That is all well and good, but the non-stop parade of toxic data spills makes me wonder whether we, as an industry, aren't missing a few fairly obvious points.
Autonomy’s recent announcement that it plans to acquire Interwoven will strengthen its traction in the broader eDiscovery landscape. With the purchase, Autonomy picks up a range of assets, but a key component of the $775 million purchase focuses on new opportunities to mitigate legal and regulatory risk and capitalize on the surging eDiscovery market.
Along with other markets, M&A activities in this segment slowed in Q4 2008, but vendors continued to announce a steady stream of partnerships (e.g., Open Text - Recommind and CaseCentral - CommVault) and significant internally developed offerings. Selected acquisitions in this market include:
Friday, Iron Mountain and Microsoft announced a new partnership. Customers of Microsoft's backup offering, Data Protection Manager (DPM) 2007 service pack 1, can electronically vault redundant copies of their data to Iron Mountain's CloudRecovery service. This is welcome news for DPM customers. Customers will continue to back up locally to disk for instant restore but rather than vault data to tape and physically transport tape to an offsite storage service provider, customers will vault data over the Internet to Iron Mountain. For disaster recovery purposes and long-term retention services, you need this redundant copy of your data offsite. By eliminating the physical tape transport you eliminate the risk of lost or stolen tapes or the need to deploy some kind of tape encryption solution. Microsoft DPM hasn't taken the backup world by storm since its introduction in 2005, but each subsequent release has added critical features and application support. Additionally, because it is often bundled in with Microsoft System Center, I expect adoption will increase among small and medium businesses (SMBs) and small and medium enterprises (SMEs).
Today, AVG announced the acquisition of Sana Security, a longtime host-intrusion prevention software vendor. I have particular affection for Sana because they were a former client of mine at a previous job. Back in the summer of 2007, when security startup venture money was still flowing freely, like a rose-scented fountain at a Vegas casino, I remember giving a speech for Sana at their San Jose Grand Prix event. Don Listwin, their then-CEO, was a serious car racing enthusiast. He had conspired with the city of San Jose to shut down the city center so they could run race cars down the middle of it. It was pretty wild stuff -- speaking as someone who comes from Boston, where all of the roads seem to be derived from old horse-trails or giant spiderweb patterns.
Host intrusion prevention software has always been a fascinating subsegment of client security, not least because of the fact that what HIPS vendors try to do is actually pretty hard stuff. In concept, the idea sounds simple: monitor processes in memory for suspicious activity, and block them when they try to do something naughty. For example, an ActiveX control executing in the context of a website should not be allowed to open a command shell and then initiate an outbound connection to somewhere else. Simple, right?
I am pleased to announce that this is my inaugural post on the Forrester SRM blog. Not only that, it's the day that my first research report went live on the Forrester site.
About me: I am a long-time Forrester fan. My first exposure to Forrester came back in 1994, when I was a lowly systems analyst figuring out how to build IT systems to manage trucks and warehouses. I always loved the Forrester writing style: interesting data, strong prose and solid recommendations -- written by people utterly unafraid to take tough positions. And now 15 years later, here I am trying to do the same. I'm pleased to be here, working with such a talented team of professionals!
My first report, called Data-Centric Security Requires Devolution, Not a Revolution, begins by talking about how securing enterprise data has become a top priority for enterprise CISOs. By "data" we mean structured and unstructured bits of information sprinkled all over the landscape: in databases, documents and e-mails, residing on servers, laptops, desktops and mobile devices.