Pulse

By GCN Staff

Blog archive
security monitoring tools

Survey finds IT managers ill-equipped to face cyber threats

IT security managers are under the gun, and lack the analytics tools necessary to neutralize – or even notice – serious threats to their networks, according to a recent survey on the use of security intelligence tools in a variety of organizations.

A study of 600 IT pros by SolarWinds, an IT management software vendor, and the SANS Institute found that most managers wanted “greater security visibility and context,” but were operating with a limited budget for info security and compliance tools.

And though most respondents said they planned to invest in these tools, half of them were spending 20 percent or less of their IT budget on security. The survey was set up to identify the use of security analytics and intelligence to reduce those threats. 

Most reported having a problem with targeted attacks that were missed by antivirus and other point solutions. Forty-five percent of responders said that they had been hit in the last two years with one or more attacks that were “difficult to detect.” But another 20 percent said they lacked the visibility into their networks to even determine the answer to the question. 

The survey showed such "difficult to detect" attacks took about a full week to detect and were caused by poor visibility or not collecting the right operational and security data to identify the threat.

The data used most often included log data from networks and servers, network monitoring data and data from applications and access control systems, according to the survey results.

Organizations looking to acquire new security intelligence tools in the next year want to incorporate data from endpoint and server monitoring tools, as well as data associated with virtual and cloud systems. They are also looking for training and vulnerability management tech and other security information and event management tech, according to the survey.

Security threats have becomes so pervasive that, “it's important for all IT pros to be equipped to tackle security challenges," not just security experts, said SolarWinds vice president Sanjay Castelino.

Posted by GCN Staff on Sep 20, 2013 at 12:15 PM


Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.