Analytics
9/12/2013
12:51 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

IT Pros Lack Security Management Support, Budget & Training

Half of respondents to SANS Institute/SolarWinds survey reported spending 20 percent or less of their IT budget on security

AUSTIN, TX – September 12, 2013 – SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT management software, in conjunction with SANS, today released the results of a security survey* of more than 600 IT professionals representing a broad range of industries and organization sizes. The survey was conducted to identify the impact of security threats and the use of security analytics and intelligence to mitigate those threats.

Survey findings:

Survey respondents generally agreed that support for managing security today was inadequate. Many are working with a limited budget to manage "information security, compliance and response," with nearly half of respondents reported spending 20% or less of their IT budget on security. A majority also expressed their need for greater security data visibility and context, and said they plan to invest in training to address those issues.

Targeted attacks that are missed by antivirus and other point solutions were a problem for most respondents. Forty-five percent of respondents reported that in the past two years their organization experienced one or more attacks that were difficult to detect. Another 21% reported that they lacked enough visibility to even answer the question.

Reported "difficult to detect" attacks took, on average, one full week to detect. The root cause was usually visibility, with specific causes such as:

Not collecting appropriate operational and security data

Lack of context to observe normal behavior (and set baselines)

Lack of system and vulnerability awareness

IT pros seeking to avoid breaches used data from a variety of sources in their security analytics. The data most frequently used included:

Log data from networks and servers

Network monitoring data

Access data from applications and access control systems

In the next 12 months, respondents said they also plan to use the following data to improve their security monitoring:

Security assessment data from endpoint, application and server monitoring tools

Monitoring and exception data pertaining to internal virtual and cloud environments

Access data from applications and access control systems

IT pros plan to invest in the following to get better visibility and response through security analytics and security intelligence:

SIEM tools

Training

Vulnerability management

"Since the responsibility of securing IT is not just the role of a security expert anymore, it's important for all IT pros to be equipped to tackle security challenges," said Sanjay Castelino, VP and Market Leader, SolarWinds. "For IT pros that don't have a lot of time or budget to invest in managing security, we offer affordable and easy-to-use tools that provide visibility and insight right out of the box. Along with SolarWinds' wider suite of IT management products, our security products have a broad set of features and functionality built in, making security and compliance management accessible to all."

Security Management for Every IT Pro, Organization

Security is everyone's problem. For IT pros that don't spend their day thinking about security yet need the tools to tackle everyday operational security challenges, SolarWinds offers a number of powerful, easy-to-use and affordable products with out-of-the-box security and threat management. From Security Information and Event Management (SIEM) to firewall and patch management and more, IT pros can assess their environments and deploy SolarWinds' IT management products on a need-by-need basis to achieve end-to-end security visibility, including:

SolarWinds Log & Event Manager (LEM) – SIEM; real-time event correlation, endpoint data loss monitoring, active threat responses

SolarWinds Firewall Security Manager (FSM) – Firewall auditing and configuration management

SolarWinds Patch Manager – Endpoint vulnerability management

SolarWinds User Device Tracker (UDT) – Network user and device tracking

SolarWinds Serv-U Managed File Transfer (MFT) Server – Secure file sharing and file transfer

Join SolarWinds at SANS Network Security 2013 Las Vegas

Network Security attendees are invited to stop by booth No. 14 on September 18 to see live demos and to learn from the product experts about SolarWinds LEM, SolarWinds FSM, SolarWinds Patch Manager, SolarWinds UDT, and SolarWinds MFT Server, and to grab some geeky gear.

*The survey was conducted from June 10 – July 19, 2013, resulting in 647 survey responses from IT practitioners, managers and directors in the U.S. and Canada from public- and private-sector small, mid-size and enterprise companies. Public-sector specific results available upon request.

About SolarWinds

SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500 enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our online community, thwack, to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at http://www.solarwinds.com/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3407
Published: 2014-11-27
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.

CVE-2014-4829
Published: 2014-11-27
Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allows remote attackers to hijack the authentication of arbitrary users for requests tha...

CVE-2014-4831
Published: 2014-11-27
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to hijack sessions via unspecified vectors.

CVE-2014-4832
Published: 2014-11-27
IBM Security QRadar SIEM and QRadar Risk Manager 7.1 before MR2 Patch 9 and 7.2 before 7.2.4 Patch 1, and QRadar Vulnerability Manager 7.2 before 7.2.4 Patch 1, allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.

CVE-2014-4883
Published: 2014-11-27
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?