Help Us Define The Data Security Market In 2015!

Stephanie Balaouras

To help security pros plan their next decade of investments in data security, last year myself, John Kindervag, and Heidi Shey, researched and assessed 20 of the key technologies in this market using Forrester's TechRadar methodology. The resulting report, TechRadar™: Data Security, Q2 2014, became one of the team’s most read research for the year. However, it’s been a year since we finalized and published our research and it’s time for a fresh look.

One can argue that the entirety of the information security market - its solutions, services, and the profession itself - focuses on the security of data. While this is true, there are solutions that focus on securing the data itself or securing access to the data itself - regardless of where data is stored or transmitted or the user population that wants to use it. As S&R pros continue to pursue a shift from a perimeter and device-specific security approach to a more data- and identity-centric security approach, it’s worthwhile to hyper focus on the technology solutions that allow you to do just that....

Last year, we included the following 20 technologies in our research:

  • Archiving
  • Backup encryption
  • Cloud encryption gateways
  • Data classification
  • Data discovery
  • Data loss prevention (DLP)
  • Database encryption and masking
  • Database monitoring and auditing
  • Email encryption
  • Enterprise key management
  • Enterprise rights management
  • File-level encryption
  • Full-disk encryption
  • Identity and access management 
  • Managed file transfer
Read more

Avoid The Information Security Squirrel

Rick Holland

"My master made me this collar. He is a good and smart master and he made me this collar so that I may speak. Squirrel!"  

In the Pixar film Up, squirrels frequently distract Dug the talking dog. In our space, we are frequently distracted by technology. "I am a good and smart security professional; I must protect my enterprise so that we are secure. APT defense in a box!"  

The expo floors at industry events such as the RSA Conference and Blackhat contribute to this. Signage touts the next great piece of technology that will solve all of our security problems. We allow Big Data, security analytics, threat intelligence, and APT defense in a box to distract us.  It is easy to do; there is no shortage of challenges for today’s security and risk professional. The threat landscape is overwhelming. We have problems recruiting and retaining the right staff.  Day-to-day operational duties take up too much time. Our environments are complex, and we struggle to get the appropriate budget.

These “security technology du jour” solutions are very appetizing.  They compel us much like IDS, IPS, and SIM did in the past. We want and need the “easy” button.  Sadly, there is no “easy” button and we must understand that threat protection doesn't equal a product or service; there is no single solution. Technology alone isn't the answer we are looking for. 

Read more