Attacks/Breaches

10/24/2017
02:00 PM
Dawn Kawamoto
Dawn Kawamoto
Slideshows
50%
50%

10 Steps for Stretching Your IT Security Budget

When the budget gods decline your request for an increase, here are 10 ways to stretch that dollar.
Previous
1 of 11
Next

Image Source: Vadym Nechyporenko via Shutterstock

Image Source: Vadym Nechyporenko via Shutterstock

A whopping 1.9 billion data records were breached during the first half of the year, marking a 164% jump from the same time a year ago. But despite the never-ending rise in attacks and breaches, only 35% of IT professionals expect their organizations to increase security spending in the next 12 months, according to recent surveys.

In other words, IT security budget increases clearly are not keeping up with the rate of breaches and attacks. But despite this shortfall, IT security leaders may have more tools and tricks at their disposal to stretch their budgets than they realize. For example, ever think of joining one of the local security groups on Meetup.com to vet potential hires, rather than plunking down money for a recruiting firm? Or using free tools such as network scanner Nmap, or free apps from IT social media community Spiceworks?

Here are 10 top tips to stretch IT security budgets.

 

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: camera, camera everywhere, not a single news to rely on
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-16873
PUBLISHED: 2018-12-14
In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, b...
CVE-2018-16874
PUBLISHED: 2018-12-14
In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters). Specifically, it is only vulnerable in GOPATH mode, but not in mod...
CVE-2018-16875
PUBLISHED: 2018-12-14
The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are ...
CVE-2018-14623
PUBLISHED: 2018-12-14
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072. Version 3.10 and older is vulne...
CVE-2018-18093
PUBLISHED: 2018-12-14
Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.