Click here to close now.


News Feed Item

Ponemon Institute Releases Study on Security Risk Technology

Digital Defense, Inc. (DDI), a global security risk assessment provider, has released the final report of a Ponemon Institute commissioned study, Vulnerability Data Refinery Validation Study, that evaluates the market receptiveness to the company’s new security technology. The report follows the June release of the study’s preliminary findings which were disseminated during the Gartner Security & Risk Management Summit and includes deeper context surrounding the findings.

DDI’s new Vulnerability Data Refinery (VDR) offering refines data from a variety of assessment sources producing higher quality guidance to remediation teams to more efficiently address findings. Through integration via application programming interfaces, the VDR also provides more intelligent guidance to enforcement technologies to protect information assets on a more proactive basis.

The Ponemon study included participation primarily by senior information security professionals, with 58% representation from Chief Information Security Officers (CISOs). Key findings of the report include:

  • 93% of respondents associated high levels of importance with VDR’s vendor agnostic capability (58% very important; 35% important).
  • 95% of respondents indicated strong levels of importance (65% very important; 30% important) associated with the capability for VDR to improve the accuracy of standalone security intelligence tools by importing data from complementary and overlapping data sources.
  • 80% of research respondents positively rated the VDR design (50% very positive and 30% positive).

Qualitative results, as noted in verbatim responses below, demonstrate the need for technology that can increase efficiencies and accuracy in identifying true risk through the refinement of assessment data.

“I especially like the idea of using existing threat assessment tools and intelligence feeds from different vendors.”

“I would gladly implement this (VDR) solution for the right cost.”

“I’m a big fan of risk-based security frameworks…The three-way exam of risk -- namely network weakness, threat and value of the underlying information assets is brilliant.”

Dr. Larry Ponemon, chairman and founder of Ponemon Institute, states, “A majority of respondents in the study believe cyber attacks diminish their organization’s economic viability bottom line or mission. They also acknowledge the reputational impact with customers and business partners as a result of system downtime caused by cyber attacks. In summary, we believe that there is significant market demand and opportunities for solutions such as VDR.”

DDI’s executive vice president and chief technology officer Gordon MacKay, who has been spearheading the company’s development of VDR, also commented on the research. “This study provides valuable insight to move forward with refinement of VDR. In addition to the quantitative data, the qualitative feedback will be instrumental in evaluating how the technology is rolled out. We have been promoting the importance of scan reconciliation for years and the results further validate the need for this process in order for organizations truly understand their security posture.” MacKay can be followed at Twitter @gord_mackay

About Digital Defense

Founded in 1999, Digital Defense, Inc. (DDI) is a premier provider of managed security risk assessment solutions protecting billions in assets for small businesses to Fortune companies in over 65 countries. DDI’s dedicated team of experts helps organizations establish a culture of security through regular information security assessments, awareness education and decisive security intelligence. This proven method bolsters the capability of organizations to reduce risk and keep information, intellectual property and reputations secure. The combination of DDI’s certified security analysts, patent-pending scanning technology and proprietary cloud-based vulnerability management system, Frontline™ Solutions Platform, delivers one of the most powerful assessment results and remediation management solutions possible. Contact DDI at 888-273-1412 or

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that G2G3 will exhibit at SYS-CON's @DevOpsSummit Silicon Valley, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Based on a collective appreciation for user experience, design, and technology, G2G3 is uniquely qualified and motivated to redefine how organizations and people engage in an increasingly digital world.
Recently announced Azure Data Lake addresses the big data 3V challenges; volume, velocity and variety. It is one more storage feature in addition to blobs and SQL Azure database. Azure Data Lake (should have been Azure Data Ocean IMHO) is really omnipotent. Just look at the key capabilities of Azure Data Lake:
SYS-CON Events announced today that IBM Cloud Data Services has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IBM Cloud Data Services offers a portfolio of integrated, best-of-breed cloud data services for developers focused on mobile computing and analytics use cases.
In his session at @ThingsExpo, Tony Shan, Chief Architect at CTS, will explore the synergy of Big Data and IoT. First he will take a closer look at the Internet of Things and Big Data individually, in terms of what, which, why, where, when, who, how and how much. Then he will explore the relationship between IoT and Big Data. Specifically, he will drill down to how the 4Vs aspects intersect with IoT: Volume, Variety, Velocity and Value. In turn, Tony will analyze how the key components of IoT ...
When it comes to IoT in the enterprise, namely the commercial building and hospitality markets, a benefit not getting the attention it deserves is energy efficiency, and IoT’s direct impact on a cleaner, greener environment when installed in smart buildings. Until now clean technology was offered piecemeal and led with point solutions that require significant systems integration to orchestrate and deploy. There didn't exist a 'top down' approach that can manage and monitor the way a Smart Buildi...
SYS-CON Events announced today that Cloud Raxak has been named “Media & Session Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Raxak Protect automates security compliance across private and public clouds. Using the SaaS tool or managed service, developers can deploy cloud apps quickly, cost-effectively, and without error.
As-a-service models offer huge opportunities, but also complicate security. It may seem that the easiest way to migrate to a new architectural model is to let others, experts in their field, do the work. This has given rise to many as-a-service models throughout the industry and across the entire technology stack, from software to infrastructure. While this has unlocked huge opportunities to accelerate the deployment of new capabilities or increase economic efficiencies within an organization, i...
“All our customers are looking at the cloud ecosystem as an important part of their overall product strategy. Some see it evolve as a multi-cloud / hybrid cloud strategy, while others are embracing all forms of cloud offerings like PaaS, IaaS and SaaS in their solutions,” noted Suhas Joshi, Vice President – Technology, at Harbinger Group, in this exclusive Q&A with Cloud Expo Conference Chair Roger Strukhoff.
Scott Guthrie's keynote presentation "Journey to the intelligent cloud" is a must view video. This is from AzureCon 2015, September 29, 2015 I have reproduced some screen shots in case you are unable to view this long video for one reason or another. One of the highlights is 3 datacenters coming on line in India.
“The Internet of Things transforms the way organizations leverage machine data and gain insights from it,” noted Splunk’s CTO Snehal Antani, as Splunk announced accelerated momentum in Industrial Data and the IoT. The trend is driven by Splunk’s continued investment in its products and partner ecosystem as well as the creativity of customers and the flexibility to deploy Splunk IoT solutions as software, cloud services or in a hybrid environment. Customers are using Splunk® solutions to collect ...
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ProfitBricks boasts flexible cloud servers and networking, an integrated Data Center Designer tool for visual control over the...
You have your devices and your data, but what about the rest of your Internet of Things story? Two popular classes of technologies that nicely handle the Big Data analytics for Internet of Things are Apache Hadoop and NoSQL. Hadoop is designed for parallelizing analytical work across many servers and is ideal for the massive data volumes you create with IoT devices. NoSQL databases such as Apache HBase are ideal for storing and retrieving IoT data as “time series data.”
Clearly the way forward is to move to cloud be it bare metal, VMs or containers. One aspect of the current public clouds that is slowing this cloud migration is cloud lock-in. Every cloud vendor is trying to make it very difficult to move out once a customer has chosen their cloud. In his session at 17th Cloud Expo, Naveen Nimmu, CEO of Clouber, Inc., will advocate that making the inter-cloud migration as simple as changing airlines would help the entire industry to quickly adopt the cloud wit...
As the world moves towards more DevOps and microservices, application deployment to the cloud ought to become a lot simpler. The microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. In his session at 17th Cloud Expo, Raghavan "Rags" Srinivas, an Architect/Developer Evangeli...
SYS-CON Events announced today that VividCortex, the monitoring solution for the modern data system, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The database is the heart of most applications, but it’s also the part that’s hardest to scale, monitor, and optimize even as it’s growing 50% year over year. VividCortex is the first unified suite of database monitoring tools specifically desi...