Feeds

Windows is the 'biggest beta test in history' - Gartner

Less is more

  • alert
  • submit to reddit

Security for virtualized datacentres

Spending more on security doesn't necessarily make you more secure, Gartner warned yesterday.

The analyst firm forecasts that information security spending will drop from an average six-to-nine per cent of IT budgets to between four and five per cent as organisations improve security management and efficiency. Victor Wheatman, Gartner security veep, told delegates at the IT Security Summit in London that the most secure organisations spend less than the average and that the lowest spending organisations are the most secure. The businesses can safely reduce the share of security in their overall IT budget to three or four per cent by 2006, he said.

The idea that the most secure organisations spend the most on security was among a number of myths debunked by Wheatman during a keynote before approximately 700 delegates at the Gartner IT security Summit yesterday. He also attacked the popular misconception that "software has to have flaws". Wheatman said this is true only if enterprises continue to buy flawed software, and he singled Microsoft out for particular criticism.

He described Windows as “the biggest beta test in history" and warned warned IT security pros not to expect too much from Microsoft’s vaunted Trustworthy Computing initiative. "Microsoft will try, and there'll be improvement with Longhorn, but it will not solve all your security problems - no matter what the richest man in the world says,” he said. According to Gartner better quality assurance of software is needed before it goes into production. If 50 per cent of vulnerabilities are removed prior to software being put in production then incident response costs would be reduced by 75 per cent, it estimates.

Gartner has identified IT security technologies enterprises will need over the next five years - and other technologies most companies probably won't need. On the enterprise shopping list is host-based intrusion prevention, identity management, 802.1X authentication and gateway spam and AV scanning. Security technologies Gartner reckons most companies can safely do without include personal digital signatures, biometrics, enterprise digital rights management and 500-page security policies. ®

Related stories

Insecurity downtime on the up
'Independent' report used MS-sourced data to trash OSS
Microsoft warns of poisoned picture peril
Investors fret about IT security

Internet Security Threat Report 2014

More from The Register

next story
ONE MILLION people already running Windows 10
A third of them are doing it in VMs, but early feedback focuses on frippery
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
Sway: Microsoft's new Office app doesn't have an Undo function
Content aggregation, meet the workplace ... oh
Sign off my IT project or I’ll PHONE your MUM
Honestly, it’s a piece of piss
Do Moan! MONSTER 6-day EMAIL OUTAGE hits Domain Monster
Customers freaked out by frightful service
Return of the Jedi – Apache reclaims web server crown
.london, .hamburg and .公司 - that's .com in Chinese - storm the web server charts
NetWare sales revive in China thanks to that man Snowden
If it ain't Microsoft, it's in fashion behind the Great Firewall
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.