IT pros lack support to manage security intelligence
Posted on 13 September 2013.
SolarWinds, in conjunction with SANS, today released the results of a security survey of more than 600 IT professionals representing a broad range of industries and organization sizes. The survey was conducted to identify the impact of security threats and the use of security analytics and intelligence to mitigate those threats.

Survey respondents generally agreed that support for managing security today was inadequate. Many are working with a limited budget to manage “information security, compliance and response,” with nearly half of respondents reporting that they spend 20 percent or less of their IT budget on security. A majority also expressed their need for greater security data visibility and context, and said they plan to invest in training to address those issues.

Targeted attacks that are missed by antivirus and other point solutions were a problem for most respondents. Forty-five percent of respondents reported that in the past two years their organization experienced one or more attacks that were difficult to detect. Another 21 percent reported that they lacked enough visibility to even answer the question.

Reported “difficult to detect” attacks took, on average, one full week to detect. The root cause was usually visibility, with specific causes such as:
  • Not collecting appropriate operational and security data
  • Lack of context to observe normal behavior (and set baselines)
  • Lack of system and vulnerability awareness.

IT pros seeking to avoid breaches used data from a variety of sources in their security analytics. The data most frequently used included:
  • Log data from networks and servers
  • Network monitoring data
  • Access data from applications and access control systems.

In the next 12 months, respondents said they also plan to use the following data to improve their security monitoring:
  • Security assessment data from endpoint, application and server monitoring tools
  • Monitoring and exception data pertaining to internal virtual and cloud environments
  • Access data from applications and access control systems.

IT pros plan to invest in the following to get better visibility and response through security analytics and security intelligence:
  • SIEM tools
  • Training
  • Vulnerability management.





    COPYRIGHT 1998-2014 BY HELP NET SECURITY.