Singapore companies are too trusting with their data, and are all too willing to give out confidential information to vendors and partners.

That's according to a security expert in the United States, who says that this creates a hotbed for cybercrimes like data theft.

Mr Bryan Sartin, director of investigative response at Verizon Business, said the trend for big firms in Singapore is to give their partners more security access to confidential data than they do for their own employees.

"They are certainly not too trusting of their own employees. So why are they more trusting of their vendors?" asked Mr Sartin, who has over 15 years of security experience.

One recent case of a firm that ran into problems with its vendor is DBS Bank, which outsourced its network and mainframe functions to software giant IBM in 2002. Last month, a fault on IBM's end caused an islandwide disruption of DBS' consumer-banking services.

Mr Sartin added that Singapore should be on guard as it is a target for cybercrimes, due to its high concentration of multinational firms and financial institutions.

A global data-breach report released last month by Verizon and the US Secret Service showed that 94 per cent of all the records compromised last year came from the financial-services sector.

Another emerging security concern that Mr Sartin believes will hit Singapore is the role of employees in data breaches.

Cybercriminals, in an effort to cover their tracks, enlist the help of disgruntled insiders to steal data, or bribe employees to hand over their company log-in details.


Read full article.

Businesses are seeing an increase in malicious insider activity, according to the 2010 Data Breach Report from Verizon Business released last week.

But it is not just insider threats that are a concern to businesses. External threats targeting cloud services are also increasing. For example, last month US-based telco AT&T’s servers were breached. This resulted in the leakage of 114,000 email addresses of government and military officials.

So how can CIOs mitigate such attacks?

Insider risk
First, it is important to understand why they are increasing. Paul Henry, forensic and security analyst at Lumension, a global IT security provider, said: “It is partly driven by the economy. In a good economy you only need to worry about bad people doing bad things. In a bad economy, some of the good people are driven the same way.”

Increased regulation
Last week information security professionals body the Information Systems Audit and Control Association said reporting data security breaches should be mandatory in quarterly and annual company reports. Many firms only become aware of data breaches when notified by a third party – regulation will help them prioritise maintenance of their security infrastructure.

Cloud computing
If a company uses cloud computing, much of the network infrastructure moves outside of its direct control. This brings its own risks, as Henry explained.


Read full story.



About Lumension Security, Inc.

Lumension Security, Inc., a global leader in endpoint management and security, develops, integrates and markets security software solutions that help businesses protect their vital information and manage critical risk across network and endpoint assets. Lumension enables more than 5,100 customers worldwide to achieve optimal security and IT success by delivering a proven and award-winning solution portfolio that includes Vulnerability Management, Endpoint Protection, Data Protection, Antivirus and Reporting and Compliance offerings. Lumension is known for providing world-class customer support and services 24x7, 365 days a year. Headquartered in Scottsdale, Arizona, Lumension has operations worldwide, including Virginia, Texas, Utah, Florida, Ireland, Luxembourg, the United Kingdom, Australia, and Singapore. Lumension: IT Secured. Success Optimized.™ More information can be found at www.lumension.com.


Email us at marketing@quantiqint.com to learn more now!

Gartner has predicted that the security software market will grow by 11 per cent this year.

Its analysts have said that the security software markets will weather the current economic downturn better than in 2001 and 2002, because the market conditions are dramatically different in terms of maturity, penetration, confidence in IT and geographic and vertical mix.

With worldwide security software revenue forecast to surpass $16.5 billion in 2010, this marks an 11.3 per cent increase from the 2009 revenue of $14.8 billion. A key growth area is in identity and access management, which Gartner clients said takes around eight per cent of their security budgets.

Ruggero Contu, principal research analyst at Gartner, said: “Most segments of the security software market will continue to grow over the next few years, although a significant degree of variation is expected between the more-established and less-mature technologies.

“Security software vendors that have a balanced mix of channel, new licence and maintenance revenue streams and flexibility in contractual terms, such as Software-as-a-Service (SaaS), open source and outsourcing, have the strongest options for continued growth and to even out the risk.

“Shrinking discretionary spending budgets have heightened competition for new maintenance and licence revenue streams and placed a renewed emphasis on vendor performance and viability.”

Matthew Cheung, senior research analyst at Gartner, predicted that virtual products and appliances will continue to overtake traditional software licensing as the preferred purchasing method over the next six to 12 months.

Read full article.


About Cyber-Ark

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, applications and highly-sensitive information to improve compliance, productivity and protect organizations against insider threats. With its award-winning Privileged Identity Management (PIM) and Highly-Sensitive Information Management software, organizations can more effectively manage and govern application access while demonstrating returns on security investments. Cyber-Ark works with more than 700 global customers, including more than 35 percent of the Fortune 50. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, visit www.cyber-ark.com.


Email us at marketing@quantiqint.com to learn more now!

Leading Security-Solutions Provider Selects Xceedium GateKeeper to Meet Their Clients Increasing Access Control & Audit Needs

Xceedium Inc., the leader in Zero Trust Access Control, and FishNet Security, the nation's leading provider of information security solutions, today announced a strategic partnership agreement that will allow FishNet to offer their clients the Xceedium GateKeeper. The Xceedium GateKeeper is a Zero Trust Access Control system that integrates easily into existing network and security infrastructure and allows organizations to meet security and compliance needs by controlling and auditing privileged access to critical IT infrastructure and regulated data.

Kansas City, Missouri-based FishNet Security specializes in providing corporations and government agencies with enterprise-class security solutions tailored to meet their unique security needs. Under the terms of the agreement between the companies, FishNet Security will resell the Xceedium GateKeeper across North America and provide turnkey installation, deployment, and integration services. The two companies have already partnered to implement the Xceedium GateKeeper solution within several major corporations to date. This initial set of customers is using the product to control and audit privileged access to IT infrastructure and regulated data by vendors, contractors and administrators. The solution has allowed them to address the business imperative of providing broad access to employees and partners while also meeting compliance and security risk management requirements for audit-quality logging and proof of controls.

“Our agreement with Xceedium lets us provide our customers with a unique all-in-one solution for access control and audit, which allows us to address the increasing security and compliance demands we are seeing in the marketplace,” said Gordon Shevlin, FishNet Security Executive Vice President of Vendor Relations. “We have already partnered on several enterprise projects and deployments, including installations at a number of Fortune 500 companies. We are pleased to formalize what we know will continue to be a very strategic and mutually rewarding partnership.”

“FishNet Security is one of the most respected reseller brands in the security market and our partnership with them has had an immediate impact on new business,” said Jay A. Zimmet, Executive Vice President, Global Sales of Xceedium, Inc. “FishNet Security serves numerous customers in the regulated industries, including energy, financial services, healthcare, and retail where the need for a Zero Trust Access Control solution is critical to meeting their regulatory compliance mandates. FishNet Security’s expertise and emphasis on providing total security solutions ensures that our mutual customers will experience the maximum value from this compelling new security offering.”

About FishNet Security

FishNet Security is the number 1 provider of information security solutions that combine technology, services, support and training. Organizations are opening their computing environments to accelerate business initiatives and are concerned about the increase in risk. FishNet Security provides the most comprehensive security offering which enables clients to effectively manage risk, meet compliance requirements, and reduce costs while maximizing security effectiveness and operational efficiency. Unlike Systems Integrators, Technology Resellers, and VARS who have limited offerings, security knowledge, and experience, FishNet Security is committed to information security excellence, has the most comprehensive offering and a track record of delivering quality solutions to over 4,500 clients nationwide. For more information visit www.fishnetsecurity.com.


About Xceedium

Xceedium Inc., is the leading provider of Zero Trust Access Control solutions for managing access to critical infrastructure and sensitive data by privileged users, 3rd-party vendors, and contractors.

Employing unique and patent-pending technologies, the Xceedium GateKeeper hardened appliance enables organizations to extend and manage access while safeguarding business critical assets, demonstrating compliance and decreasing business risk. Its key differentiators lie in its ability to enforce policy by identity, contain users based on the user’s explicit privileges, and record users for audit and compliance. Deployed in the largest enterprise, and federal government environments, Xceedium’s ever-expanding client base includes household names in financial services, healthcare, pharmaceutical, retail, MSP and other key verticals.

Headquartered in New Jersey with offices in Virginia, Xceedium has been honored with a number of prestigious industry awards, including recognition by Forrester Research as a “Hot Company to Watch,” by Gartner, Inc. as a “Cool Vendor in Infrastructure Protection 2009,” and by Red Herring as a “Top 100 Global Company.” For more information, visit www.xceedium.com.