Printer Friendly

ArcSight Announces Focus on Enterprise Threat and Risk Monitoring to Help Organizations Protect Against the Rising Threat of Cybercrime.

CUPERTINO, Calif. -- ArcSight, Inc. (NASDAQ: ARST), a leading global provider of security and compliance management solutions that protect enterprises and government agencies, today announced its focus on protecting enterprises against cybercrime with what it is characterizing as "Enterprise Threat and Risk Monitoring." As the cybercrime threat continues to rise, organizations are saying that they need to move beyond monitoring just the network infrastructure and look for threats and risks across the entire enterprise from both within the firewall and the cloud. The traditional definition of the Security Information and Event Management (SIEM) category, ArcSight's market category, is evolving to address this broader Enterprise Threat and Risk Monitoring requirement to successfully battle cybercrime. This broader monitoring protects enterprises against threats and risk across all parts of the enterprise, not only malicious external attacks on the perimeter, malware attacks, network security incidents, and compliance violations, but also against:

* User activity that involves role, entitlement, or policy violations,

* Sensitive and privacy data usage that is abnormal or unauthorized, and

* Critical transactions that are fraudulent or violate segregation of duty policies.

At the company's inaugural Investor and Financial Analyst Day, held earlier this week in New York, President and Chief Executive Officer Tom Reilly reviewed the four types of cyber threats that enterprises face today and why these threats must be monitored and prevented: cyber fraud, which uses electronic means to commit fraudulent transactions; cyber theft of personally identifiable information; cyber espionage, which is the attempt to access intellectual property and confidential information; and cyber warfare on a nation's critical infrastructure. As with his recent discussions with investors and the media, Reilly's presentation discussed the importance of these threats and referred to examples from a number of incidents reported in the media and other public reports that illustrated the potential threat as the number of cyber incidents rises, such as:

* In recent years, there have been hundreds of reported incidents affecting millions of identity-related records as reported by many media outlets and collected by the Open Security Foundation.1

* Since 2003, there have been three publicly reported cyber-related incidents at nuclear power plants. Two of the three of the incidents, while internal and unintentional, resulted in plant shutdowns. The third involved a malware attack on a plant that was already closed and offline.2 While none of these incidents were external attacks that led to a plant shutdown, they have led analysts and other industry observers to be concerned about the vulnerability of SCADA systems at nuclear plants to cyber attacks.

* The Pentagon has reported hundreds of millions of attempts to break into its networks, including the breach of the Defense Secretary's e-mail system in 2007, as reported by Time Magazine, CBS News and the National Journal, among others. The Pentagon has also noted these attacks are on the rise and are costing millions of dollars to respond to and repair.3

* Financial fraud perpetrated by cyber means is a material subset of cyber incidents that has been growing in recent years, and was the most expensive kind of incident on average according to a survey reported by the Computer Security Institute.4

"Cyber threats are on the rise because the world is increasingly more interconnected, high value assets are online, and cybercriminals are sophisticated," said ArcSight CEO Tom Reilly. "To protect their businesses, companies need to look beyond the perimeter to monitor sensitive data, critical transactions and what users are doing throughout the network, both inside the firewall and in the cloud. We believe Enterprise Threat and Risk Monitoring is the next big platform play in enterprise software and we are well positioned to pursue this significant market opportunity."

An archive of the company's Investor and Financial Analyst day in which Enterprise Threat and Risk Monitoring is discussed in further detail is available at http://ir.arcsight.com/events.cfm.

1 DataLossDB, Open Security Foundation and DataLossDB.org.

2 The Washington Post reported the unplanned shutdowns of Unit 3 of the Browns Ferry nuclear plant in August 2006, which an investigation found resulted from the failure of the controllers for two water circulation pumps as a result of a flood of computer data traffic on the plant's internal control system network, and the Hatch Nuclear Plant in March 2008 as a result of the accidental reset of control system data during the course of a software update to a computer used to monitor aspects of the facility's primary control systems. "Cyber Incident Blamed for Nuclear Power Plant Shutdown," B. Krebs, Washington Post, June 2008. The Congressional Research Service reported the August 2003 corruption of the Davis-Besse power plant's computer control system by the "Slammer" worm. "Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress," C. Wilson, Congressional Research Service Report for Congress, 2008.

3 "A Brief History of Cybercrime," R. James, Time, June 1, 2009, "Pentagon Bill To Fix Cyber Attacks: $100M," CBS News, April 7, 2009 and "Cyber Security," National Journal, September 4, 2007.

4 "2008 CSI Computer Crime and Security Survey-The latest results from the longest-running project of its kind," R. Richardson, Computer Security Institute.

About ArcSight

ArcSight (NASDAQ: ARST) is a leading global provider of security and compliance management solutions that protect businesses and government agencies. ArcSight identifies, assesses, and mitigates both internal and external cyber threats and risks across the organization for activities associated with critical assets and processes. With the market-leading ArcSight SIEM platform, organizations can proactively safeguard their assets, comply with corporate and regulatory policy and control the risks associated with cyber-theft, cyber-fraud, cyber-warfare and cyber-espionage. For more information, visit www.arcsight.com.

Forward Looking Statements

This news release contains forward-looking statements, including without limitation ArcSight's belief that cyber threats are on the rise because the world is increasingly more interconnected, high value assets are online, and cybercriminals are sophisticated; the company's belief that companies need to look beyond the perimeter to monitor sensitive data, critical transactions and what users are doing on the network, both inside the firewall and in the cloud; and the company's belief that Enterprise Threat and Risk Monitoring is the next big platform play in enterprise software and that it is well positioned to pursue this significant market opportunity. These forward-looking statements are subject to material risks and uncertainties that may cause actual results to differ substantially from expectations. Investors should consider important risk factors, which include: the risk that cyber threats may not continue to rise or that potential customers may not perceive the benefit of addressing those threats with products such as ArcSight's; the risk that customers will not appreciate the value of looking beyond the perimeter to monitor sensitive data, critical transactions and what users are doing on the network, both inside the firewall and in the cloud; the risk that Enterprise Threat and Risk Monitoring may not develop into the next big platform play in enterprise software; and other risks detailed under the caption "Risk Factors" in the ArcSight Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission, or the SEC, on September 9, 2009 and the company's other filings with the SEC. You can obtain copies of the company's Annual Report on Form 10-Q and its other SEC filings on the SEC's website at www.sec.gov.

[c] 2009 ArcSight, Inc. All rights reserved. ArcSight and the ArcSight logo are trademarks of ArcSight, Inc.
COPYRIGHT 2009 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2009 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Publication:Business Wire
Geographic Code:1U9CA
Date:Oct 16, 2009
Words:1221
Previous Article:Allegiance Bank of North America Reports Operating Results for the Quarter Ended, September 30, 2009.
Next Article:Fred Meyer Calls Police on Its Own Workers' Union Representatives.
Topics:


Related Articles
ArcSight assesses the 'true scope' of security threats.
U.S. Department of Health and Human Services chooses ArcSight software for security management.
Department of Energy awards netForensics enterprise-wide security information management contract.
MCAFEE PROTECTS MS05-039 AGAINST EXPLOIT CODE.
Risk governance: foundation for long-term value.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters