Discover PerformanceHP Software's community for IT leaders // April 2014
Rate your security, but don’t aim too high
A new report offers a new scale for measuring security maturity—and finds that it’s not necessarily best to be the best.Middle road
HP customer TELUS protects customers with HP ArcSight
Hernan Barros, director of product management at security solutions provider TELUS, uses HP ArcSight to isolate threats before customers are hit.Watch now
How to make the mobile era more secure
Bloomberg provides a perspective on mobile security. It’s not easy, but rethinking some assumptions will open new paths.Safer moves
Has enterprise IT lost the security war?
HP Enterprise Security CTO Jacob West talks risk management in Paul Muller's “Discover Performance Weekly” video series.Fight on
Most read articles
Preparing today for tomorrow’s threats.
Introduction to Enterprise 20/20
What will a successful enterprise look like in the future?
Challenges and opportunities for the CIO of the future.
Dev Center 20/20
How will we organize development centers for the apps that will power our enterprises?
Welcome to a new reality of split-second decisions and marketing by the numbers.
IT Operations 20/20
How can you achieve the data center of the future?
What the workforce of 2020 can expect from IT, and what IT can expect from the workforce.
Looking toward the era when everyone — and everything — is connected.
Data Center 20/20
The innovation and revenue engine of the enterprise.
Join thousands of IT execs, engineers, and solution experts to explore IT trends, strategies, and best practices. (Barcelona,
HP Software’s Paul Muller hosts a weekly video digging into the hottest IT issues. Check out the latest episodes.
Percentage of applications tested that exhibited weaknesses revealing information about the application, implementation, or user.1
Percentage of mobile iOS and Android applications that use encryption improperly.1
Percentage of applications that contain vulnerabilities exposed by incorrect configuration (only 15.9 percent of vulnerabilities were due to code quality).1
Q: What’s the biggest shortcoming of the White House’s Cybersecurity Framework?
A: Put simply, there’s no teeth to the new standards, as compliance is completely voluntary. So why are security standards for critical pieces of infrastructure not mandatory? For one, the political gridlock that has affected most things has also impacted security efforts. […] But more so, it’s because the fear of governmental backdoors and spying has created a climate of fear inhospitable to any legislation that would require mandatory measures (or network access) for any industry. Corporations have fought back hard against any meaningful legislation. After Snowden, it’s hard to find fault with that. But for things whose security affects all of us, there has to be something better than “enlightened self-interest.”
— Mark Painter, HP Security Evangelist, on the HP Security Products blog