Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

Three Things for Thursday: A Big Week

by Neil MacDonald  |  October 1, 2009  |  2 Comments

1) In this post, I discussed how Macs are indeed vulnerable and provided data showing exactly this. I observed:

The vulnerabilities are there, including users that can be tricked into doing things they shouldn’t. Mac attacks happen and will become more prevalent as the OS continues to gain adoption.

And then I see this article saying making exactly the same point:

During an eye-opening presentation at the VB Conference 2009 conference here, Sophos Labs researcher Dmitry Samosseikko provided a glimpse into the “Partnerka,” a Russian network of spam and malware affiliates that have turned their attention to the Mac platform — using social engineering tricks to load fake codecs and scareware programs.

Sorry to disappoint the Mac users. Your OS is vulnerable, there will be exploits and, just like on Windows, the unpatchable vulnerability (in the form of end-users) will be targeted.

2) In this post, I talked about how DRM and DLP aren’t really separate problems. I stated:

Digital Rights Management (DRM – alternatively Information Rights Management [IRM]) and Data Loss Prevention (DLP) are typically thought of as separate problems with different vendors and solutions targeting each. The market may have evolved this way, but that’s not the way it has to be.

Then I see the announcement this week from McAfee and Adobe. It’s absolutely the right direction, although there’s no reason why an integrated solution has to come from separate vendors.

3) Finally, in this post and in this Gartner research document, I talked about the impact of (then-beta) Microsoft Security Essentials.  The no-cost antivirus/antispwyare protection package was officially released this week. 

Free antivirus and antispyware protection is a good thing. At a minimum, it helps to keep pricing rational for the rest of us, including enterprise users. No one should be paying extra for antispyware in 2009. Demand your Endpoint Protection Platform vendors to deliver more at the same price – just like the rest of IT has gotten for years (Moore’s Law and all).

Why should information security be immune to the trends of commoditization and downward pricing pressure?

 

 

 

2 Comments »

Category: Virtualization Security     Tags:

2 responses so far ↓

  • 1 Three Things for Thursday: A Big Week | Adobe Tutorials   October 1, 2009 at 8:21 pm

    [...] 1) In this post, I discussed how Macs are indeed vulnerable and provided data showing exactly this. Continued here:  Three Things for Thursday: A Big Week [...]

  • 2 Maty Siman   October 5, 2009 at 4:08 am

    Your last comment about the commoditization trends is very true, especially for the SAST market which is becoming mainstream; and expesnsive,process-heavy approaches won’t work in today’s market.