IT security is constantly changing, which means it can be hard for businesses to keep up. This guide from CompTIA educates IT solution providers on the importance of providing clients with up-to-date IT security, identifies the risks of inadequate or poor security, and examines the technology shifts and factors affecting security in in the workplace.
Protecting Corporate Information in the CloudSymantec
Keeping Your Data Safe: Protecting Corporate Information in the Cloud is an insights-driven thought leadership study conducted by WSJ. Custom Studios in collaboration with Symantec Corporation. The goal of this research is to better understand worldwide cloud adoption across leading organizations and the challenges associated with its use. This survey also explores attitudes toward security as well as the behaviors that can lead to potential data loss and security breaches.
An online survey was conducted from February to March 2015 among 360 global business and IT executives with 180 respondents from the United States, 60 from the United Kingdom, 60 from Germany and 60 from Japan. Of these, 15% are CEOs, presidents or owners; 14% are CIOs/CTOs/CSOs; 5% are other C-level executives; 13% are heads of business units or EVPs/VPs/directors; 23% are IT/security professionals; and 30% are managers or other business professionals (e.g., engineering, research and development, sales, legal and compliance, etc.).
Frukostseminarium om molntjänster, 19 mars 2015, Rigoletto.
Talare: Erkan Kahraman, Projectplace och Geir Arild Engh-Hellesvik, Transcendent Group Norge.
The Evolution of Data Privacy: 3 things you didn’t knowSymantec
The European Union’s proposed General Data Protection Regulation (GDPR) has left even the most informed confused. This new regulation has been designed to update the current directive which was drafted in a time that was in technology terms, prehistoric. It’s time to evolve.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Protecting Corporate Information in the CloudSymantec
Keeping Your Data Safe: Protecting Corporate Information in the Cloud is an insights-driven thought leadership study conducted by WSJ. Custom Studios in collaboration with Symantec Corporation. The goal of this research is to better understand worldwide cloud adoption across leading organizations and the challenges associated with its use. This survey also explores attitudes toward security as well as the behaviors that can lead to potential data loss and security breaches.
An online survey was conducted from February to March 2015 among 360 global business and IT executives with 180 respondents from the United States, 60 from the United Kingdom, 60 from Germany and 60 from Japan. Of these, 15% are CEOs, presidents or owners; 14% are CIOs/CTOs/CSOs; 5% are other C-level executives; 13% are heads of business units or EVPs/VPs/directors; 23% are IT/security professionals; and 30% are managers or other business professionals (e.g., engineering, research and development, sales, legal and compliance, etc.).
Frukostseminarium om molntjänster, 19 mars 2015, Rigoletto.
Talare: Erkan Kahraman, Projectplace och Geir Arild Engh-Hellesvik, Transcendent Group Norge.
The Evolution of Data Privacy: 3 things you didn’t knowSymantec
The European Union’s proposed General Data Protection Regulation (GDPR) has left even the most informed confused. This new regulation has been designed to update the current directive which was drafted in a time that was in technology terms, prehistoric. It’s time to evolve.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Most security breaches are caused by human error and poor security discipline. For instance, in April 2011, it was discovered that the personal and confidential data of 3.5 million teachers, state workers and retirees in the state of Texas was lying unprotected on the Internet closely for a year.
Analyst Report: The Digital Universe in 2020 - ChinaEMC
This IDC Country Brief discusses China, where the amount of data created, replicated, and consumed each year will grow 24-fold between 2012 and 2020, according to the 2012 IDC Digital Universe study, sponsored by EMC.
The Essential Ingredient for Today's EnterpriseReadWrite
The innovation that comes with the mobile enterprise are immense but problems come with this new world of devices. Namely the huge security concerns that arise. Devices can carry so much important information. How do you control it?
This paper from CIO Custom Solutions Group examines the mobile security landscape, including myths surrounding the risks and threats, and how organizations can establish a solid mobile security strategy.
Omlis Data Breaches Report - An Inside Perspective Omlis
The rise in digital and mobile financial services has introduced an onset of increased data breaches over the last few years. The digital revolution has undermined the traditional framework used to regulate financial institutions, which has led to areas of vulnerability within their security systems.
In the report, Data Breaches: An Inside Perspective, Omlis conducted in-depth interviews with experienced cyber security professionals to understand why TFIs (traditional financial institutions) aren't adequately addressing security weaknesses.
In our research, the discussions centered on the types of security systems employed by TFIs, personal and industry-wide attitudes to security, and the types of security measures used to prevent breaches.
The findings indicate that TFIs current preference towards technology creates an increasingly complex system with associated vulnerabilities and ultimately it requires greater manual input for maintenance and updates.
There are also issues related to the attitudes of employees and difficulties implementing comprehensive and in-depth incident strategies.
Taking this into account, the report suggests a new direction for TFI's security systems to provide secure, innovative solutions.
The Evolution of Data Privacy: 3 Things You Need To ConsiderSymantec
The European Union’s proposed General Data Protection Regulation (GDPR) has left even the most informed confused. This new regulation has been designed
to update the current directive which was drafted in a time that was in technology terms, prehistoric. It’s time to evolve.
Network Security Policy Automation and Orchestration for Policing
How do police forces and other law enforcement agencies turn network security into an enablement solution to ensure policing effectiveness?
This Tufin white paper lists the five critical steps of adopting network security automation and reviews how to address the challenges of increasing agility and enabling the business.
With the new General Data Protection Regulation (GDPR) set to launch in May of 2018, many are wondering how it will change the way they do business. In this presentation, we explore how to ensure compliance of the new regulation.
Want more on GDPR compliance? Join us for this FREE virtual event: http://info.aiim.org/data-privacy-data-protection-gdpr
Portal Authentication: A Balancing Act Between Security Usability and Complia...PortalGuard
Virtually every organization maintains highly sensitive information to which it must
control strict access. These data sources might include customer databases, CRM
systems, repositories of financial information and the like. Increasingly, these content
sources are accessed through portals Microsoft SharePoint and other solutions.
Importantly, SharePoint is among the leaders in Gartner’s 2013 Magic Quadrant for
horizontal portalsi.
http://www.portalguard.com
Presentation given by Dr K Subramanian, Director and Professor, Advance Centre for Informatic and Innovative Learning IGNOU on August 3rd, 2011 at eWorld Forum (www.eworldforum.net) in the session Information Management and Security
This white paper examines the need for strong authentication and explores the return on investment that can be realized in order to help organizations move toward more effective security.
Creating Sustainable Careers in Information TechnologyCompTIA
What can the industry do to combat the widening IT skills gap? The Creating IT Futures Foundation offers lessons learned from its IT-Ready Apprentice program which is pioneering new methods in workforce development and bringing diverse populations into the IT workforce.
Most security breaches are caused by human error and poor security discipline. For instance, in April 2011, it was discovered that the personal and confidential data of 3.5 million teachers, state workers and retirees in the state of Texas was lying unprotected on the Internet closely for a year.
Analyst Report: The Digital Universe in 2020 - ChinaEMC
This IDC Country Brief discusses China, where the amount of data created, replicated, and consumed each year will grow 24-fold between 2012 and 2020, according to the 2012 IDC Digital Universe study, sponsored by EMC.
The Essential Ingredient for Today's EnterpriseReadWrite
The innovation that comes with the mobile enterprise are immense but problems come with this new world of devices. Namely the huge security concerns that arise. Devices can carry so much important information. How do you control it?
This paper from CIO Custom Solutions Group examines the mobile security landscape, including myths surrounding the risks and threats, and how organizations can establish a solid mobile security strategy.
Omlis Data Breaches Report - An Inside Perspective Omlis
The rise in digital and mobile financial services has introduced an onset of increased data breaches over the last few years. The digital revolution has undermined the traditional framework used to regulate financial institutions, which has led to areas of vulnerability within their security systems.
In the report, Data Breaches: An Inside Perspective, Omlis conducted in-depth interviews with experienced cyber security professionals to understand why TFIs (traditional financial institutions) aren't adequately addressing security weaknesses.
In our research, the discussions centered on the types of security systems employed by TFIs, personal and industry-wide attitudes to security, and the types of security measures used to prevent breaches.
The findings indicate that TFIs current preference towards technology creates an increasingly complex system with associated vulnerabilities and ultimately it requires greater manual input for maintenance and updates.
There are also issues related to the attitudes of employees and difficulties implementing comprehensive and in-depth incident strategies.
Taking this into account, the report suggests a new direction for TFI's security systems to provide secure, innovative solutions.
The Evolution of Data Privacy: 3 Things You Need To ConsiderSymantec
The European Union’s proposed General Data Protection Regulation (GDPR) has left even the most informed confused. This new regulation has been designed
to update the current directive which was drafted in a time that was in technology terms, prehistoric. It’s time to evolve.
Network Security Policy Automation and Orchestration for Policing
How do police forces and other law enforcement agencies turn network security into an enablement solution to ensure policing effectiveness?
This Tufin white paper lists the five critical steps of adopting network security automation and reviews how to address the challenges of increasing agility and enabling the business.
With the new General Data Protection Regulation (GDPR) set to launch in May of 2018, many are wondering how it will change the way they do business. In this presentation, we explore how to ensure compliance of the new regulation.
Want more on GDPR compliance? Join us for this FREE virtual event: http://info.aiim.org/data-privacy-data-protection-gdpr
Portal Authentication: A Balancing Act Between Security Usability and Complia...PortalGuard
Virtually every organization maintains highly sensitive information to which it must
control strict access. These data sources might include customer databases, CRM
systems, repositories of financial information and the like. Increasingly, these content
sources are accessed through portals Microsoft SharePoint and other solutions.
Importantly, SharePoint is among the leaders in Gartner’s 2013 Magic Quadrant for
horizontal portalsi.
http://www.portalguard.com
Presentation given by Dr K Subramanian, Director and Professor, Advance Centre for Informatic and Innovative Learning IGNOU on August 3rd, 2011 at eWorld Forum (www.eworldforum.net) in the session Information Management and Security
This white paper examines the need for strong authentication and explores the return on investment that can be realized in order to help organizations move toward more effective security.
Creating Sustainable Careers in Information TechnologyCompTIA
What can the industry do to combat the widening IT skills gap? The Creating IT Futures Foundation offers lessons learned from its IT-Ready Apprentice program which is pioneering new methods in workforce development and bringing diverse populations into the IT workforce.
CompTIA projects global industry growth of 4.1 percent in 2017. The IT Industry Outlook 2017 identifies 12 trends – in technology, workforce and the IT channel – likely to impact the industry this year.
Industrial Control Systems Go Mobile in the CloudLockheed Martin
Industrial control systems are increasingly becoming interconnected with local area networks, wide area networks, extranet networks, and cloud computing environments. Cloud and mobile technologies provide a competitive advantage for global companies. In this research, a DevOps approach to cloud-based applications development was used to create a capability for industrial control systems management and reporting.
Trends in the IT Profession Annotated BibliographyAdemola Adeleke.docxwillcoxjanay
Trends in the IT Profession: Annotated BibliographyAdemola Adeleke
Trends in IT 3University of Maryland University College
Trends in the IT Profession – an Annotated Bibliography
As IT professionals we must understand a range of technical and not-so-technical topics, and subjects and applications, both at the industry level but as well in a way that can be explained to clients and professionals in other fields who may or may not be familiar with the technical aspects of marrying business functions with technology. When at all possible a company should assign an IT professional to a business that the IT professional already understands. The speed of innovation, change, and improvement in technology makes this an on-going task. Depending on the business and its needs for technical systems and support, the IT professional’s expertise must include understanding of network infrastructures, in-depth knowledge of applications like database creation and maintenance, web security, and maintaining system integrity including backup and recovery processes. Because business has become so dependent on technology and IT professionals, many of these topics are covered in the mainstream press while others are know-well only by trained and experienced professionals – and all degrees in-between. Due to recent security breaches both at private and government levels, many more people now are familiar with Cloud Computing Services, security breaches, methods of backup and recovery, and legal liabilities and insurance. This research combines all three into a single study that will aid in understanding and explaining these trends to clients as well as other professionals and rather than ordered alphabetically, are organized in order to tell a story and more easily explain these trends.
Annotated Bibliography
Knorr, E., & Gruman, G. (Apr 7, 2008). What Cloud computing really means. In Info World on Infoworld.com. http://www.infoworld.com/d/Cloud-computing/what-Cloud-computing-really-means-031
While this article is somewhat dated, it gives a good overview and informs IT professionals as to the level of understanding clients might have. Knorr and Gruman explain how everyone has his or her own definition and understanding of “the Cloud.” Cloud computing is a value proposition to IT professionals because it is a needed tool for businesses that operate across a wide geography with employees that all need access to the same information and data. Cloud computing is the early stages could be explained to non-professionals by pointing-out how their emails are not really contained on their computer but instead are kept and stored on the email providers “Cloud-based” servers. This is known simply as “Web services in a Cloud” by a “managed service providers” (MSP). Infoworld talks to and keeps current with many vendors who provides services such as Saas, Utility computing, Platform as a service (PAS), Service commerce platforms, and Internet integration, to get various opini ...
The SolarWinds hack, first detected in December 2020 and referred to as “the largest and most sophisticated attack the world has ever seen” by the president of Microsoft, was a watershed moment in cybersecurity. Hundreds of organizations, including Fortune 500 companies and government agencies, were affected, with sensitive data compromised. A year on, a major study conducted by Splunk has found that 78% of companies expect the same thing to happen again.
Networking Plus December 2014: Connecting Mobile WorkersEric Wong
An excerpt from magazine where Peplink, Citrix, Vodafone and Cisco voice their thoughts on BYOD, mobile and remote workers, and the devices that make it possible.
Virtual Data Room Industry Growth Statistics and Trends.pdfHokme
The virtual data room market is expected to grow exponentially at a CAGR of 15..12% for 2021-2026. This is because businesses appreciate the innumerable advantages of a room, like no need for physical storage space, less paperwork, reduced overhead costs, saves travel time and money. Moreover, it is entirely secure.
James F. Fox, information security practice lead at Booz Allen Hamilton MENA, discusses the critical issue of mobile security, and what it means for telcos.
Delivering operational efficiency and lower costs through an integrated approach to network security management
Q1 Labs is a global provider of high-value, cost-effective network security management products. The company's next-generation security information and event management (SIEM) offering, QRadar, integrates functions typically segmented by first generation solutions - including log management, SIEM and network activity monitoring - into a total security intelligence solution. QRadar provides users with crucial visibility into what is occurring with their networks, data centers, and applications to better protect IT assets and meet regulatory requirements. By deploying QRadar, organizations greatly enhance their IT security programs and meet the following specific security requirements.
CompTIA IT Employment Tracker – December 2021CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA IT Employment Tracker – November 2021CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA IT Employment Tracker – October 2021CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA IT Employment Tracker – September 2021CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA's Trends in Automation research study examines the investments companies are making and the challenges they face as they automate business processes
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA's IT Operations and Emerging Tech tracker monitors the investments companies are making across the four pillars of IT and the adoption of emerging technology.
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA's Trends in Help Desk survey explores the areas businesses are focusing on as they manage their help desk function, including IT priorities, required skills, and emerging technologies.
CompTIA IT Employment Tracker – February 2021CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA’s annual Industry Outlook report examines 10 trends that businesses will use as they rebuild from a challenging year, along with focused sections on expectations for IT professionals and for IT channel firms.
CompTIA IT Employment Tracker - January 2021CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA IT Employment Tracker – November 2020CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA IT Employment Tracker – October 2020CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA IT Employment Tracker – September 2020CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
CompTIA IT Employment Tracker – August 2020CompTIA
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
Monthly data, analysis, and trending covering the state of employment in the information technology (IT) sector and IT occupations. Released in conjunction with the U.S. Bureau of Labor Statistics monthly employment update. #JobsReport
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
Quick Start Guide to IT Security for Businesses
1. Eight Steps to
IT Security Success
A practical guide for solution providers
www.comptia.org/communities
www.comptia.org/communities
Q U I C K S TA R T G U I D E
P OW E R E D B Y :
www.comptia.org/communities
2. Eight Steps to
IT Security Success
Solution provider Jacob K. Braun prefers a reasoned approach when selling IT security
to clients. Rather than trying to scare clients, Braun appeals to their sense of ethics.
“I ask them: ‘What would your clients say if they knew you didn’t have security in
place?’” says Braun, the president and chief operating officer of WakaDigital Media
Corp., a managed services provider (MSP) based in Amherst, MA.
“You can approach it from the fear factor, but the fear
factor can backfire pretty quickly,” he says. Scare tactics
put clients on the defensive, and that makes it much
harder to sell them the solution they need, he adds.
No one really questions the need for security, even if too
many clients still don’t have a good grasp of everything it
entails, say Braun and others in the IT channel. The onus,
therefore, is on solution providers to educate clients on
security risks, assess those risks, and address them in a
comprehensive way. They also need to ensure their clients
comply with a growing set of federal and state data-protection
regulations.
“Security is much more than perimeter firewalls and
anti-virus protection. A truly secure approach must be
multi-faceted and comprehensive,” says Jim Hamilton,
senior director of member communities at the Computer
Technology Industry Association (CompTIA). CompTIA is
based in Downers Grove, IL, and is known as the largest
nonprofit trade association in IT.
A truly secure environment provides protection,
prevention, and remediation. To achieve all that, say
security experts, a security platform has to perform
multiple functions in what is called a multi-layer
approach: firewalls to control network access, tools that
filter Web content and e-mail, encryption protocols, and
intrusion prevention and detection. Security also entails
policies and tools that control the use of passwords,
www.comptia.org/communities
2 www.comptia.comptioar.go/crogm/mcounmitiems unities
mobile and VPN connections, which users access which
data, and how to react when a data breach or leak occurs.
The proliferation of cloud-based solutions and
technologies such as social networking and virtualization,
say security experts, make the already-complex endeavor
of securing IT environments even more intricate. New
challenges such as protocols for using social media and
how to apply security policies to virtualized networks
have to be addressed, says Tim Larocque, director
of sales at Ottawa-based Interwork Technologies, a
distributor of IT security solutions.
“Those are significant challenges that I don’t think
most solution providers are taking the time to address,”
Larocque says.
Step 1: Leverage compliance regulations
for security growth
Solution providers that take the time to understand
security requirements stand to gain from a healthy,
growing market. The need for security never goes away.
It keeps increasing as hackers find new ways to break
into networks.
Market research firm Gartner predicts 4 percent growth
in 2010 in security-related software sales and 3 percent
in security services. Those are healthy enough numbers,
3. quick start guide
P OW E R E D B Y :
IT Security
3
especially on the heels of a major recession, but MSPs and
providers of cloud-based services say they are seeing growth
rates of 25 percent or more.
“We’re seeing very, very healthy growth in the security
market,” says Larocque. “It’s a very predictable and recession-proof
market.” Interwork partners, he says, are enjoying growth
rates of as much as 40 to 50 percent.
One major driver, according to IT security experts, is the
need for organizations large and small to comply with data
protection laws. Businesses that handle sensitive data, be it
financial information, medical records or legal documents,
have to comply with a growing set of regulations, both at the
state and federal levels, imposing strict requirements on how
to handle the data.
Federal laws enacted since 1996, such as the Sarbanes-
Oxley Act, which applies to accounting practices, and HIPAA
(Health Insurance Portability and Accountability Act), which
addresses medical records, have created a cottage industry of
compliance-focused solutions and services.
Forty-five states and the District of Columbia also have passed
regulations designed to prevent breaches and protect privacy.
More laws are on the way, including a data breach-prevention
bill now under consideration in Washington, D.C.
Step 2: Don’t ignore the cloud, celebrate it
Next to compliance, the increasing popularity of cloud
computing is the biggest driver of the IT security business, say
security experts. Gartner predicts cloud-related business will
grow to $150 billion in 2013, more than triple what it was two
years ago at $46 billion.
Interestingly enough, security and the cloud have a paradoxical
relationship, says Earle Humphreys, chief executive officer
of ITEEX, a channel development company with a strong
focus on security. Many end-user organizations, accustomed
to having all their hardware and software on premise, where
they can keep a close eye on them, have reservations about
tapping the cloud for business-critical applications. They worry
about whether their applications and data are secure enough
in the cloud. As a result, says Humphreys, some put off cloud
computing plans.
“If you take a look at the top reason not to adopt the cloud, it
is security,” he says.
Still, and here is the paradox, while security may hamper the
adoption of cloud computing, the business of security receives
a significant boost once end users decide to go ahead with
cloud-based implementations. For one thing, the cloud makes
it possible to centralize management of entire IT environments.
On Patrol With the CompTIA IT Security Community
To help solution providers stay abreast of developments in IT
security, both at the regulatory and business level, CompTIA
recently created a collaborative group to foster discussion among
peers and share resources.
The CompTIA IT Security community, which developed the CompTIA
Security Trustmark business credential, keeps members informed
of IT security developments through a regularly updated blog. The
community also encourages members to share best practices, help
solve collective problems, and build relationships that can lead to
valuable partnerships. Members include VARs, managed services
providers, distributors, vendors, and other industry experts.
Through the community blog, members have been able to keep
track of significant industry discussions, such as the national data-breach
legislation proposed in Washington D.C. While different
states are addressing specific actions when a data breach occurs,
no Federal law has yet been established. Though Congress has
discussed the legislation, it’s unlikely that anything will be passed
until late 2011. CompTIA is lobbying for passage of the bill on behalf
of the industry and will continue to provide frequent updates to the
IT Security Community.
The group is also working to establish a code of conduct, a one-page
document intended to help members meet their obligations
to the industry and their constituents. These responsibilities include
the protection of customers and their IT environments, reliable
service, and the advancement of community and CompTIA goals. A
draft of the code has been distributed to the group, and members
are expected to ratify it in short order.
Other activities the group is currently engaged in include creating end
user education for compliance and regulations, identifying security
issues related to new technologies, developing security education
tracks for solution providers, and developing an industry awareness
campaign for the CompTIA Security Trustmark business credential.
Find out more about the CompTIA IT Security community at
www.comptia.org/communities
4. www.comptia.org/communities
4 www.comptia.comptioar.go/crogm/mcounmitiems unities
As a result, security is at least as good or better than in
strictly on-premise environments.
In addition, the cloud eliminates most upfront on-premise
software and hardware investments, which makes it
irresistible to organizations under constant pressure to
maximize their IT dollars without adding staff or expensive
equipment.
Making the cloud even more attractive from an economic
standpoint is that as cloud-based solutions proliferate, the
cost of the solutions decreases, says Scott Barlow, vice
president of sales and marketing at Reflexion Networks, a
vendor of hosted e-mail services based in Woburn, MA.
The cloud is changing the security business, and
solution providers are cashing in. The technology itself,
be it e-mail filtering, intrusion detection, or anti-virus,
often is sold at cost or even at a loss, says Interwork’s
Larocque. Providers make up for the upfront loss
by packaging the technology with monitoring and
management services that they perform remotely and
charge users for on a subscription basis.
Step 3: Weave security into every
opportunity
For solution providers, security is both a requirement
and an opportunity. It’s a requirement because of clients’
regulation compliance needs and an opportunity because
of those needs and the expansion of the cloud.
So while security traditionally has been considered a
specialty in the IT channel, the market dynamics now require
at least a basic level of security competency. “Security must
be an element of every solution implemented and managed
by solution providers,” says Hamilton.
Especially if you’re delivering managed services or hosted
solutions, there is simply no way of skirting client security
needs. “Security should be sold as part of every MSP
sale because security touches everything in a customer’s
enterprise,” says Todd Jones, general manager of
Watchman Computer Services, a security-focused MSP in
Denver, CO.
When taking over part or all of a client’s IT environment
remotely through a managed services arrangement or
delivering applications over the cloud, solution providers
Master the CompTIA Security Trustmark
Since its launch in 2008, the CompTIA Security Trustmark business
credential has become the industry standard for solution providers
wanting to assure customers they have the experience and know-how
to secure their IT environments.
The vendor-neutral, business-level credential identifies solution
providers that follow best practices, established protocols, and
documentation methods in delivering security solutions to clients.
For solution providers, there is no better way to stand out from the
crowd when delivering security services and technology to clients,
says Todd Jones, general manager at Watchman Computer Services,
a Denver-based managed services provider.
“Security touches just about everything,” he says. “It’s really
important in the marketplace to have a standard of security best
practices.”
Earle Humphreys, chief executive officer of Information Technology
Executive Exchange (ITEEX), a security-focused channel
development organization, says the Security Trustmark program
solved a problem in the IT channel. End users often were reluctant
to engage solution providers because they had doubts about the
providers’ level of expertise in security.
“There was a credibility issue that was hurting vendor sales,” says
Humphreys, who worked on contract with CompTIA to help develop
the Security Trustmark credential. Now, he says, end-user clients
have a reliable way to vet IT security services providers, while the
providers stand to get more businesses by achieving a business
credential.
To earn the Security Trustmark credential, solution providers have
to complete a comprehensive review process that includes an online
assessment and the submission of various documents detailing
company processes and practices. Security Trustmark applicants
also are subject to unannounced audits, and once they receive the
credential, they have to undergo an annual review process.
The Security Trustmark business credential differs from the various
CompTIA certifications, such as CompTIA A+, CompTIA Network+
and CompTIA Security+, in that it covers an entire organization,
versus validating individual competency.
Find out more about the CompTIA Security Trustmark at
www.comptia.org/securitytrustmark
5. quick start guide
P OW E R E D B Y :
IT Security
5
accept a level of liability that didn’t exist in the old break/
fix, project-based client engagements. “If you don’t do some
basic security for your client, you’re putting your business at
risk,” says Humphreys.
“Security is a discipline. It is part of the fabric, the expertise
that you are selling your customer,” says Jones. “Any provider
that approaches this as anything else is on the verge of
doing a disservice to their customers and short-changing
themselves. It is not a ‘bolt-on, set-it and forget it’ product
that can be sold, installed, and then you’re on to the next sale.”
To help solution providers meet their security requirements,
CompTIA in 2008 launched a business credential, the
CompTIA Security Trustmark. The vendor-neutral, business-level
credential identifies solution providers that have proven
they follow security best practices in accordance with
CompTIA standards (see sidebar on page 6). The Security
Trustmark gives solution providers credibility, says Humphreys,
who worked under contract for CompTIA to develop the
Security Trustmark credential.
Step 4: Embrace best practices
Much like their clients’ networks, solution providers are
handling a heavy load when it comes to security. To ensure
they do right by their clients, security experts recommend that
solution providers adopt certain practices.
Achieving a Security Trustmark credential, say experts, goes
a long way to show clients you have the proper expertise and
employ the best practices to protect their IT environments. In
addition, solution providers should do the following:
• Educate customers
• Perform vulnerability assessments
• Make sure tools from different vendors work together
• Set policies for clients on safe computing practices
• Know security regulations
• Partner with other solution providers for expertise
• Maintain communication with clients
Subscription-based IT Security Services Gain Traction
More and more solution providers are giving up on trying to
squeeze profits out of IT security technology. But they don’t mind,
so long as they get to charge the customer monthly or quarterly
fees to deliver security as a service.
Tim Larocque, director of sales at Interwork Technologies, an
Ottawa-based distributor of IT security solutions, says deals in
which solution providers sacrifice profits upfront in the expectation
of future recurring revenue are increasingly common. Over time,
the recurring revenue more than makes up for the upfront profit
loss, he asserts.
Whether they lump security with an overall managed services
package or sell security as separate hosted services as part of a
SaaS contract, the primary goal is to establish a recurring revenue
stream from the customer. Clients in recent years have warmed up
to the idea of paying subscription fees for cloud-based services
that would cost a lot more if they had to deploy and maintain the
technology on premise.
In addition, handing over to a solution provider that can handle
remotely the burdens of updating anti-virus and spam-filtering
subscriptions, maintaining firewalls and managing patch manage-ment
keeps in-house IT staffing budgets down and allows compa-nies
to better focus on their core business. To be sure, the cloud-based
security model is gaining traction, say security providers, but
education is still necessary for clients who fear that cloud-based
solutions are less secure.
Larocque says Interwork’s most successful partners have concluded
that their security focus needs to be on service, not technology.
As a result, they are enjoying security business growth rates of as
much as 40 to 50 percent, he says.
Scott Barlow, vice president of sales and marketing at Reflexion
Networks, a Woburn, MA,-based vendor of hosted e-mail security,
is seeing similar trends. Reflexion partners, he says, are enjoying
growth rates of 25 percent or more. “We’ve seen significant growth
in the past 12 to 18 months,” Barlow says.
Like Larocque, Barlow says he is seeing solution providers bundle
their security services into managed services packages that also
include remote monitoring and management of PCs, servers,
network devices, and applications. Embedding security into man-aged
services contracts, says Barlow, makes it easier to address the
client’s security needs.
6. Step 5: Re-educate customers
Especially among small and medium-sized business
(SMB), network and data security requirements often
are only partly addressed, and in the worst cases, almost
completely ignored. Business owners, for the most part,
understand threats such as viruses and spam, but they
lack a comprehensive approach to protect their data,
prevent intrusion, and implement policies on how to react
to breaches.
“Small businesses are too trusting,” says Jones. “They’re
not as a concerned as they need to be. They don’t
understand the risk unless you continuously hammer it
away at them.”
“Customers need to understand that security is not
a technical solution you purchase,” says CompTIA’s
Hamilton. “Security is a complex problem that requires a
holistic approach to be effective.”
In their role as educators, solution providers also need to
point out the economics of security—that breaches can
incur high remediation costs and in the worst cases put a
company’s future at risk.
“You’re essentially selling insurance,” says Barlow.
Awareness is key, says Larocque. Business owners may
lull themselves into thinking their data is safe if a breach
hasn’t already happened to them, and as a result, not
make the necessary investment. But they don’t realize, for
instance, that malware is released every five seconds and
an attack on their network could be only a matter of time.
Solution providers must impress on clients that security
threats are real, relentless, and constantly evolving,
Larocque says.
In fact, breaches take place practically daily, as attested
by the Web site DatalossDB.org, which lists and
documents all reported incidents and the number of
records, from zero to the millions, exposed in each case.
“Breaches are a regular occurrence,” says Hamilton.
“Customers cannot afford to be blasé about the
potential risks.”
www.comptia.org/communities
6 www.comptia.comptioar.go/crogm/mcounmitiems unities
Step 6: Promote regular assessments
Security has to be part of the conversation whenever a
solution provider is pitching its offerings to a prospective
customer, says Hamilton. “It can’t be sidestepped anymore.”
As such, it’s a good practice to conduct an assessment of
the customer’s security environment, including desktops
and mobile devices, before deploying any technology.
Assessments typically include checking the subscription
status of anti-virus and anti-spyware tools and testing
existing firewalls for effectiveness.
“It probably wouldn’t take your average VAR more than
a day or two to do a basic security assessment for their
clients,” says Humphreys.
Depending on the size of the client’s IT environment,
an assessment may include vulnerability scanning to
identify holes in the network and potential risks related
to applications and Web services. Penetration testing to
see how easy it is to break into the network may also be
advisable.
Assessments should look beyond technology to also
cover policies, say security experts. Solution providers
may find that a client has no policies in place covering
how to react to data breaches or that an organization
has never instructed its users not to share their individual
network-access information.
Assessment findings should be compiled in a report
to share with the client to demonstrate current
vulnerabilities and formulate a strategy to eliminate the
vulnerabilities and build a solid security environment.
Harmony in security
Humphreys counsels due diligence in deciding which
security products solution providers should use for their
clients. Solution providers may prefer a firewall from one
vendor and anti-virus software from another, but they
need to make sure the different pieces work together.
Otherwise, the result is unwanted complexity or, even
worse, an environment that adds to the vulnerabilities
it is supposed to be addressing. The history of IT is
littered with cases of applications that were supposed
7. quick start guide
P OW E R E D B Y :
IT Security
7
to be compatible but failed to communicate, as well as
environments with different sets of hardware and user
interfaces that turn into real nightmares for administrators.
Hamilton says solution providers must think about the
overall security landscape and how their solution fits into the
bigger picture.
For solution providers delivering security as part of their
managed services offerings, the easiest way go about this
is to pick a managed services vendor that bundles security
tools such as anti-virus, e-mail filtering, and firewalls, into its
remote monitoring and management (RMM) tool. “That way
you know they picked the friendly products and you know
they work,” Humphreys says.
Step 7: Stick with clear policies
Security transcends technology in that breaches and leaks
often result from human error. A company may have the
best technology available to secure its networks, but if
users are sharing passwords, accessing Web sites that may
contain virus, or e-mailing unencrypted documents with
sensitive information, the technology won’t help them.
Aside from day-to-day safe computing practices, policies
also must address how to react when a threat is detected,
a virus gets through or an application malfunctions and
creates a point of exposure. Watchman Computer Services’
Todd Jones says the discipline of security entails three main
elements: protection, detection, and response.
“Without response you do not have security,” he says. “Every
door can be kicked in, every safe can be cracked, every
fortress can be breached, and every treasure can be stolen
if there is no response. It’s no different with computer and
network security. You can bolt in all the latest and greatest
products, but installed without response, you do not have
security.”
Protocols need to be in place so that users and
administrators know what to do when they receive an
alert, says Jones, who believes that is where security as a
managed service really makes a difference.
For solution providers monitoring their clients’ environments
remotely, that means having a policy in place prescribing
action when an alert comes through. Be it a remediation
Names and Organizations to Know
Solution providers looking for tips about how to deliver
security solutions to their clients face no shortage of sources
of information. Following are some suggestions on where to
get information tailored specifically to solution provider needs.
Find information about the CompTIA Security Trustmark here:
www.comptia.org/securitytrustmark
For updates on the CompTIA public advocacy efforts,
including lobbying for security regulations, check out the
public advocacy section of the association’s web site:
www.comptia.org/publicpolicy.aspx
The CompTIA IT security blog keeps updated on the
association’s IT security community, whose work includes
development of the Security Trustmark business credential
and collaboration with the CompTIA Public Advocacy Office:
blog.comptia.org/category/subtopics/it-security
CompTIA IT Security Community
www.comptia.org/communities
Noel Eberline, director of the CompTIA IT security community,
publishes a blog in which he addresses myriad security-related
topics. Access the blog here:
blog.networkwatchman.com
The Open Security Foundation keeps tabs on security
breaches across the world and publishes a database of all
known incidents causing data losses. The database is updated
just about daily and accessible here:
datalossdb.org
ITEEX, founded in 2002 as a peer-to-peer organization, is a
security-focused channel development company. ITEEX chief
executive officer, Earle Humphreys, worked with CompTIA
on developing the Security Trustmark credential. Access the
company website here:
www.iteex-channel.com
And the ITEEX blog here:
www.iteex-channel.com/blog
8. cleanup, file quarantine, or a patch application, specific
rules should be in place for response and escalation.
Step 8: Study up on regulations
Knowing the regulations that affect IT security business is
easier said than done, considering that federal standards
are still evolving and there isn’t yet a national regulation
that covers breach notifications. However, a number
of states have enacted regulations addressing data
breaches, with Massachusetts boasting the most stringent
laws on the books.
But, as the saying goes, ignorance of the law is no excuse.
“It’s important for the solution provider to know what
the regulations are all about, what they apply to,” says
Reflexion’s Barlow.
Even though solution providers need to become de
facto experts on the law, achieving that status isn’t easy.
Solution providers operating in multiple states have to
contend with regulations that differ from state to state.
Massachusetts mandates that organizations handling
sensitive data, such as finance and medical records,
implement data leak prevention. New Jersey has a
regulation that many in the industry consider bizarre:
When a leak occurs, the affected company is required to
notify the state police before even its clients or partners.
What’s needed is a national standard covering data leaks,
say security experts. CompTIA has been lobbying congress
to pass data-leak legislation now under consideration, and
while there is a chance a bill could be approved this year,
most likely passage will occur next year.
Barlow suggests that solution providers uncertain about
which regulations affect their clients should leverage their
vendor partners. Security vendors have people in their
staffs (with knowledge about regulations and compliance
requirements) who can help solution providers make the
right decisions for their clients, he says.
Partner for expertise
In delivering security solutions and services, solution
providers in some cases should seek partners that have
www.comptia.org/communities
8 www.comptia.comptioar.go/crogm/mcounmitiems unities
the expertise they lack, says WakaDigital’s Braun. A
partner that specializes in security, such as WakaDigital,
can train, assess, and set policies for the client, he says.
In cases where it makes sense, the security partner can
stay in the picture in a consultative role, either as a silent
partner in the background or in a more visible way in
front of the partner, Braun says.
Humphreys believes there are several advantages
to working with a partner. Those include avoiding
infrastructure costs and making up for lack of expertise
in building solutions. A security partner bringing in a
solution already has tested the technology so you don’t
have to and already has experience with issues that you
may never have encountered, Humphreys says.
Of course partnering carries some risks, so it’s important
to ensure a prospective partner “doesn’t have a history
of working to come between you and your clients,” he
says. Humphreys recommends doing your homework by
checking with other companies that have worked with the
prospective partner.
In addition, says Humphreys, though a solution provider
would partner with another to add expertise, the provider
still needs to know enough about the technology. You
want to make sure the solution the partner is bringing
works, or that it isn’t a new, unproven release with bugs
that haven’t been worked out.
9. quick start guide
P OW E R E D B Y :
IT Security
9
Keep Talking
Barlow advises solution providers meet with customers monthly
or quarterly to review the work the provider does to protect
clients’ IT environment. Especially for solution providers
delivering security as a managed or hosted service, periodic
meetings can be key.
MSPs say clients tend to forget the work that goes on behind
the scenes to keep their IT environments in shape and, at
invoice time, question what they are getting for what they are
paying. During the meetings, for instance, solution providers
should go over how they prevented a network attack by
responding to system alerts or how they stopped unsafe Web
surfing by detecting it and alerting the client about it.
Communication with the client should keep business value at
the forefront. Barlow suggests using security arguments to
implement business process improvements, such as replacing
tax and financial forms with electronic files.
Braun agrees with the need for communication. Remind the
client, he says, of how security helps protects their business
investments by talking to them about how much it costs to
remediate breaches that could have been prevented with right
technology and security policies in place.
“At the end of the day,” he says, “you’re not providing IT, you’re
providing business-process management.”
About CompTIA
CompTIA is the voice of the world’s information technology
(IT) industry.
As a non-profit trade association advancing the global interests
of IT professionals and companies, we focus our programs
on four main areas: education, certification, advocacy and
philanthropy. We:
• Educate the IT channel: Our educational resources,
comprising instructor-led courses, online guides, webinars,
market research, business mentoring, open forums and
networking events, help our members advance their level of
professionalism and grow their businesses.
• Certify the IT workforce: We are the leading provider of
technology-neutral and vendor-neutral IT certifications, with
more than 1.4 million certification holders worldwide.
• Advocate on behalf of the IT industry: In Washington, D.C.,
we bring the power of small- and medium-sized IT businesses
to bear as a united voice and help our members navigate
regulations that may affect their businesses.
• Give back through philanthropy: Our foundation enables
disadvantaged populations to gain the skills they need for
employment in the IT industry.
Our vision of the IT landscape is informed by more than 25
years of global perspective and more than 2,800 members
and 1,000 business partners that span the entire IT channel.
We are driven by our members and led by an elected board
of industry professionals.
All proceeds are directly reinvested in programs that
benefit our valued members and the industry as a whole.
Headquartered outside of Chicago, we have offices across
the United States and in Australia, Canada, China, Germany,
India, Japan, South Africa and the United Kingdom. For more
information, visit comptia.org.