Discover Performance

HP Software's community for IT leaders // March 2013
Subscribe

Overview

Closing the app gap on risk

The cloud and mobility make enterprise applications harder to secure than ever. But where the cloud creates a challenge, it can also help create a solution.

Strategic cloud

In depth

IT needs to speak the language of SaaS

Service-based costing provides the vocabulary that will let IT communicate its value to the business—to better manage, and compete with, outside services.

Valuable words

Trend watch

Best practices for secure software development

When it comes to secure software development, there are leaders and there’s everyone else. Learn a few secrets of organizations with top-notch security practices.

Smart moves

CIO insight

The evolution of ESI

HP Security Strategist Rafal Los talks to BlackRock VP John Terrill about the evolution of enterprise security intelligence over the past decade and the fundamentals of mitigating risk.

Watch now

Security index

47
Percentage of total internal security activity that consists of recovery and detection.1

58
Percentage of cyber crime costs caused by denial of service, malicious insider, or web-based attacks (making those crimes the costliest).1

33
Percentage of U.S. employees that would be just as inclined to use their personal device for work purposes even if they knew their online activity can be tracked by their employer.2

One question

Q: Why don’t developers listen on security issues?


A: I offer you two reasons: incentive and choice of development framework. Most development organizations within a company are driven by three overarching factors: 1) deliver what the business wants, 2) do it on time, and 3) do it under budget. When these three things are done, the business is happy, no one complains, the company makes money, and (hopefully) employees get bonuses or salary increases. … In essence, there is no incentive for developers to take the extra time and effort to make a feature secure, if making it secure does not result in any appreciable outcome. How many developers do you know that tout how secure their code was during their annual performance reviews? … If you want to change this culture, we as security professionals are going to have to change those three factors that drive the development organization’s work.


— Matt Presson, senior information security analyst, Willis, on the Wh1t3 Rabbit security blog

1 “2012 Cost of Cyber Crime Study: United States,” The Ponemon Institute, October 2012

2 “2012 IT Risk/Reward Barometer: US Consumer Edition ,” ISACA, November 2012


x

IT leader assessment

This tool evaluates the correlation between IT attributes and business success and, based on how your answers compare with average scores, will advise you where to invest in IT.

It is based on data HP collected from 650 global companies about a range of IT characteristics (server capacities, approach to information management, security, BYOD, etc.) and how they correlate to revenue gain. This assessment will compare your answers to the average scores in that study.

There are 12 questions that will require an estimated 10 minutes of your time. You'll receive a summary of your rating upon completion.



Let's get started
x

Please select an answer.
x

Analysis:

Your answer:
Your score:
Average score:
Revenue leaders' score:


x

Please select an answer.


x

Results

Your score:
Average score:
Revenue leaders' score:


Get detailed results:

Popular tags

Most read articles

Discover Performance

Archive