Virtual Tradeshow: Compliance Drives Security Awareness, Opportunities
March 18, 2010 8:02 PM ET
Page 1 of 2
Compliance regulations are becoming more stringent but provide a starting point for SMB customers to enhance their IT security infrastructure.
During an Everything Channel Virtual Tradeshow panel Thursday hosted by Editorial Director Kelley Damore, security experts underscored that compliance regulations and an upsurge of data breaches are strong factors in driving security awareness, while opening up the door for channel partners to expand product and service offerings around data protection.
"We're seeing more threats are going from larger enterprise to the smaller enterprise. Now they want to steal the data for profitability," said Alex Quinonez, vice president of Americas operations for Cyberoam.
In general, panelists agreed that increasingly stringent regulatory compliance mandates, such as PCI, Sarbances Oxley and HIPAA have driven the awareness and demand for security across all market segments. However, compliance mandates are often just the beginning of a larger conversation about security, security panelists said.
"You've seen some of these regulations and rules of Internet policies drive a higher awareness," said Scott Lewis, vice president of partner marketing and enablement for Novell. "But never confuse compliance with security"
But although compliance was a factor in awareness, companies were increasingly enhancing their security posture and beefing up infrastructure in order to avoid being the target of a major malware attack or data breach, experts said.
"(Companies) are faced with that CNN moment, where they're forced to let everyone know that they just lost all their data," said Chris Doggett, vice president of global channels for Sophos. "That's where we're seeing security being driven by regulatory compliance issues and then turning to broader risk management issues."
Even still, security awareness is hard to instill in the lower market segments, panelists said. Subsequently, John McDonald, chief evangelist for RSA, the security division of EMC, said that mandatory compliance initiatives are useful to help drive awareness for smaller companies that lack a dedicated IT staff and security expertise. Compliance regulations also "open up a wider range of solutions that could reduce the size and scope of the problem, he said.
"A small- or medium-sized business generally looks at regulatory requirements as a check-off exercise," McDonald said. "The real question is 'what's the risk to my business?'"
One VAR on the panel said his company provided a two-page security checklist for his SMB customers, who often were more focused on running their business than securing their infrastructure.
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
