A study of 600 IT managers found most want better intelligence tools to identify threats that are "difficult to detect," but many lack the budget to buy them.
IT security managers are under the gun, and lack the analytics tools necessary to neutralize – or even notice – serious threats to their networks, according to a recent survey on the use of security intelligence tools in a variety of organizations.
A study of 600 IT pros by SolarWinds, an IT management software vendor, and the SANS Institute found that most managers wanted “greater security visibility and context,” but were operating with a limited budget for info security and compliance tools.
And though most respondents said they planned to invest in these tools, half of them were spending 20 percent or less of their IT budget on security. The survey was set up to identify the use of security analytics and intelligence to reduce those threats.
Most reported having a problem with targeted attacks that were missed by antivirus and other point solutions. Forty-five percent of responders said that they had been hit in the last two years with one or more attacks that were “difficult to detect.” But another 20 percent said they lacked the visibility into their networks to even determine the answer to the question.
The survey showed such "difficult to detect" attacks took about a full week to detect and were caused by poor visibility or not collecting the right operational and security data to identify the threat.
The data used most often included log data from networks and servers, network monitoring data and data from applications and access control systems, according to the survey results.
Organizations looking to acquire new security intelligence tools in the next year want to incorporate data from endpoint and server monitoring tools, as well as data associated with virtual and cloud systems. They are also looking for training and vulnerability management tech and other security information and event management tech, according to the survey.
Security threats have becomes so pervasive that, “it's important for all IT pros to be equipped to tackle security challenges," not just security experts, said SolarWinds vice president Sanjay Castelino.