N@N

McAfee, Inc. Announces Results of a Commissioned Study by Independent Research Firm on the State of Web Security

^{Published on 2009-02-17 05:12:15, Last Modified on 2009-02-17 05:14:00 - Market Wire}
 

SANTA CLARA, Calif.--([ BUSINESS WIRE ])--McAfee, Inc. (NYSE:MFE), today announcedthe results of a commissioned study conducted by Forrester Consulting on behalf of McAfee. Forrester surveyed 253 global IT professionals and security decision makers in companies around the world, ranging from 500 to 5000 employees, finding — among other things — that the role of Web filtering is changing from a security-centric function to more of a business function.

Increasing numbers of organizations are using Web filtering beyond basic security protection to incorporate functions such as productivity management, traffic quality of service (QoS) management, and even single sign-on (SSO). The study examined the use of Web 2.0 technology in the enterprise, finding that it will continue to grow in the near future, with social networking and streaming media becoming commonplace, and critical to business operations.

The study suggests that Web 2.0 usage will continue to increase. An increasing number of companies said that Web 2.0 usage takes more than fifty percent of their bandwidth. Sixty three percent of companies surveyed believe that the use of Web 2.0 applications would increase in their organization in the next 12 months, and many respondents indicated that they consider these Web 2.0 applications useful for business purposes. The answers from the US and the European respondents were remarkably similar, signifying a universal acceptance and the trend of increasing Web 2.0 usage across the US and Europe.

Corporations Place DLP high on the list but are slow to implement safety measures:

As McAfee reported three weeks ago in its [ Unsecured Economies ] report, Forrester found that data leaks remain one of the top concerns for organizations. When asked to rate the impact of several Web-related risks, including data leaks, malware, loss of productivity, non-business use of bandwidth, and liability for inappropriate content, respondents chose data leaks as the number one issue on the Web. Although eighty six percent consider data leaks an important threat, when asked what policy they have to govern internal employees contributing content to external blogs and wikis, only sixty eight percent said they impose some form of restriction (either complete block or selective block), while thirty one percent said they do not have any restriction for employees to access these third-party sites.

According to the study, "It is clear DLP is a top-of-mind concern for many organizations. Web communication, however, remains a weak link. Despite the fact many companies in this survey consider data leaks an important business threat, only a small percentage is actually using DLP technologies in outbound Web communication."

Other significant findings include:

• Malware, traditionally distributed via email, is now using the Web as a primary distribution channel. Forty percent of all organizations spent more than $50,000 last year on malware cleanup alone, and nearly twenty percent spent more than $100,000.
• The content security industry, including email and Web filtering, is beginning to exhibit the trend of consolidation. Eighty five percent of all respondents indicated that they would be more likely to employ an integrated content filtering solution that provides centralized policy management, configuration, and integrated DLP.
• Web filtering is taking on functionality outside of security or usage policies. Organizations are realizing that the Web filtering solution may be the right place for other related traffic management functions.

Recommendations Based on Study Findings:

When considering enhancements and next-generation Web filtering technologies, organizations should look to vendors with these capabilities:

• A solid in-the-cloud infrastructure. Today's content security requires integrated analysis that spans Web, email, and even other protocols, including IM, P2P, and VoIP. A successful cross-protocol analysis relies on an in-the-cloud infrastructure that can look across traffic of different types and perform real-time or near-real-time analysis. Such an infrastructure also provides a strong foundation for SaaS or a hybrid delivery model, which is likely to be more widely adopted in the near future.
• Specific Web malware detection. Web malware is different from traditional virus. Many Web malware are script-based, and they can change rapidly and take on many different forms. Traditional signature-based scanning approach is less effective against Web malware. An effective strategy must include script analysis, code analysis, and even sandbox-based behavior analysis.
• Strong integration and consolidation strategy. As indicated by our survey results, organizations — small and large — regard integration and consolidation an important content security strategy. Many point solutions are still managed in separate silos today, although the larger trend points to integration and consolidation. User organizations should consider vendors that have capabilities in multiple content protocols and have a strong integration strategy.

McAfee Responds:

In response to these study findings, McAfee has launched a micro site to raise awareness of Web 2.0 threats, provide essential guidance on threat protection and deliver leading solutions that help organizations protect themselves in today's environment. Additionally, McAfee will host a timely and informative webinar featuring leading industry analyst Chenxi Wang of Forrester Research.

Please join us in this live, interactive webcast to learn what is essential for protecting against existing and future threats when conducting business in the evolving Web environment. For more information, please click here: [ https://www.livemeeting.com/lrs/1100005887/Registration.aspx?pageName=7m2kx38q1sqc154q ]

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is relentlessly committed to tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. [ http://www.mcafee.com ]

McAfee and/or other noted McAfee related products contained herein are registered trademarks or trademarks of McAfee, Inc., and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. Any other non-McAfee related products, registered and/or unregistered trademarks contained herein is only by reference and are the sole property of their respective owners. © 2009 McAfee, Inc. All rights reserved.