Mobile Security By the Numbers
Why IT should be worried
According to recently released data, mobile security exploits were on track to double between 2010 and 2011. [1] The news goes from bad to worse when you factor in these disturbing trends in the toll cyber crime takes on business: [2] Based on a comparison of 2010 and 2011, cyber crime was:
- 44% more common
On average, participating organizations experienced more than one successful cyber attack per company per week.
- 56% more costly
Cyber crime now costs organizations an average of $5.9 million per year.
- On an annualized basis, of total external costs per year:
- Lost productivity accounts for 28%.
- Information theft accounts for 40%.
- On an annualized basis, of total internal costs per year:
- Recovery and detection accounts 45%.
- 67% more time consuming
- The average time to resolve a cyber attack is now 18 days. The average time to contain malicious insider attacks is now 45 days.
Who may not be worrying enough and why
Despite the alarming increases in incidences and costs of security breaches, of the nearly 10,000 business leaders and IT executives who participated in a recent Global Security Survey [3]:
- 51 % said they were postponing security-related capital expenditures.
- 48 % said they were deferring security-related projects. Although spending on technologies to protect Web attach vector increased, including:
- Application firewalls (up from 72 % to 80%)
- Malicious-code-detection tools (up from 72 % to 83 %)
- 43 % identified said their companies are security leaders; although technically, just 13 % actually met the criteria . * See note below.
Note: It is widely accepted that to be considered a true security leader, a company must meet the following criteria:
- It must have a security strategy in place.
- Its IT security team must report to senior business leadership.
- Its security policy must be reviewed on an annual basis.
- It must understand the cause of any security brief it has suffered.
_______________
[1] “IBM X-Force 2011 Mid-Year Trend and Risk Report,” September 2011.
[2] “Second Annual Cost of Cyber Crime Study,” sponsored by HP conducted by the Ponemon Institute, August 2011.
[3] “2011 Global State of Information Security Survey,” PricewaterhouseCoopers, CIO Magazine and CSO Magazine, September 2011.
|
|
Register for an event! To see what events are upcoming, please visit our event page here
brightstack is hiring! To view our job openings, please visit our job center here
|
The 411 on Technology ROI
What ROI is
- Return on Investment (ROI)
- A measurement of costs and expected benefit over time
What ROI is not
- Total Cost of Ownership (TCO)
- A measurement of costs only
Types of ROI
Direct ROI:
- Easy to see, often listed on financial statements
(For example: reduced headcount)
- No more than half of overall value
Indirect ROI:
- Harder to quantify but results in clear competitive advantage
(For example: increases in uptime or productivity)
- A critical driver of business value
How to determine technology ROI
Consider:
- The technology to be implemented
Most technology delivers both direct and indirect ROI. But exactly how much of each depends on how the technology impact operations; for example:
- Collaboration technologies typically have more indirect than direct ROI because they typically impact employee productivity.
- Supply chain technologies typically have more direct than indirect ROI because they have a measurable impact on inventory.
- How and where the technology is to be deployed
Similarly:
- An integration technology typically generates more direct than indirect ROI if used to automate data exchange with customers
- An integration platform used primarily for speeding deployment of internal applications typically generates more indirect than direct ROI.
- The state of the existing IT environment
The amount of change a technology triggers when deployed must also be considered; for example:
- An automatic timekeeping technology deployed in an environment that relies on a manual timekeeping process will generate significant direct ROI.
- Deploying an upgraded version of the same technology in the same environment at a later date, however, will result in indirect ROI.
How long it takes
One year of data collection is generally sufficient to determine the changes in costs and revenues that drive both direct and indirect ROI. It’s an effort well worth making, as solid data will determine just how effective your IT investment has been.
How common is it?
According to a recent survey of business process trends [1] only 17 percent of CFOs measure ROI for outsourcing projects.
_______________
[1] “A Survey of Business Process Initiatives,” Nathaniel Palmer, January 2007
|
|
Cloud-enabled Technology as a Service and the New IT Imperative
There are two IT environments at work in most enterprises today. The internal, physical infrastructure comprised of legacy technology and business processes is the more familiar. But the rapidly developing, external virtual infrastructure may prove to be the more powerful.
Whether it has been tethered to hardware, lost through poor planning or trapped in fragmented processes, much of the business value of these disparate infrastructures has been inaccessible for years. Cloud-enabled Technology as a Service frees this functionality, harnesses it to connectivity and puts it to work for:
Individuals and teams
By providing access to faster, cheaper and more:
- Computing power
- Software tools
- Data storage options
Organizations and communities
By empowering them to:
- Assess and respond to shifting priorities
- Invest in new ideas
- Maximize opportunities and minimize disruptions
- Transform when, where and how people communicate, innovate and learn
|
