McAfee Study Finds SIEM, Database Security Top Priorities
This week, McAfee released the results of its annual study examining how IT decision-makers see and tackle risk and compliance management challenges given “a highly regulated and increasingly complex global business environment.” According to Risk and Compliance Outlook: 2012, concerns over persistent threats have driven database security and security information and event management (SIEM) to the top of IT’s list of concerns.
That database security is at the top of the list is no surprise, given highly publicized data breaches within the last year. “When asked about sensitive database breaches, over one-quarter had either had a breach or did not have the visibility to detect a breach,” [emphasis mine] according to a McAfee news release.
Databases were IT’s top challenge for staying compliant with regulations. In fact, organizations point to compliance as the key driver for 30 percent of their IT projects.
We all have legacy systems, and the report confirmed what I’ve long suspected: “most organizations rely on legacy systems that do not meet their current needs.” It’s not just that the application functionality hasn’t kept up with what an enterprise needs. The “ever-changing threats, data breaches, and IT complexity add to the burden of being able to monitor security events, detect attacks, and assess real and potential risk.”
The report claims that about 40 percent of organizations surveyed are “planning to implement or update a SIEM solution.” That’s easy to say in a survey, especially given all the conflicting security demands IT faces. McAfee should ask the same group next year exactly how many actually implemented or updated their SIEM solution. That’s the real test. There may be a bit of good news in the survey, however, regarding plans: nearly all (96 percent) of surveyed organizations say they will spend the same or more on risk and compliance this year. At least budgets aren’t being cut, as they are in other areas.
The survey also found that although “80 percent of respondents cited visibility as very important, security teams remained challenged in this area. Discovering threats was listed as the top challenge to managing enterprise risk.”
How well are organizations doing in staying current with new threats? Nearly half of participating organizations patch once a month; one-third patch every week. “Just like last year’s analysis, not all companies are able to pinpoint threats or vulnerabilities,” which explains why “43 percent indicate that they over-protect and patch everything they can.”
You can download a copy of the full, information-rich report for free here. No registration is required.
-- James E. Powell
Editorial Director, ESJ
Posted by Jim Powell on 05/31/2012