Analytics
9/12/2013
12:51 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

IT Pros Lack Security Management Support, Budget & Training

Half of respondents to SANS Institute/SolarWinds survey reported spending 20 percent or less of their IT budget on security

AUSTIN, TX – September 12, 2013 – SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT management software, in conjunction with SANS, today released the results of a security survey* of more than 600 IT professionals representing a broad range of industries and organization sizes. The survey was conducted to identify the impact of security threats and the use of security analytics and intelligence to mitigate those threats.

Survey findings:

Survey respondents generally agreed that support for managing security today was inadequate. Many are working with a limited budget to manage "information security, compliance and response," with nearly half of respondents reported spending 20% or less of their IT budget on security. A majority also expressed their need for greater security data visibility and context, and said they plan to invest in training to address those issues.

Targeted attacks that are missed by antivirus and other point solutions were a problem for most respondents. Forty-five percent of respondents reported that in the past two years their organization experienced one or more attacks that were difficult to detect. Another 21% reported that they lacked enough visibility to even answer the question.

Reported "difficult to detect" attacks took, on average, one full week to detect. The root cause was usually visibility, with specific causes such as:

Not collecting appropriate operational and security data

Lack of context to observe normal behavior (and set baselines)

Lack of system and vulnerability awareness

IT pros seeking to avoid breaches used data from a variety of sources in their security analytics. The data most frequently used included:

Log data from networks and servers

Network monitoring data

Access data from applications and access control systems

In the next 12 months, respondents said they also plan to use the following data to improve their security monitoring:

Security assessment data from endpoint, application and server monitoring tools

Monitoring and exception data pertaining to internal virtual and cloud environments

Access data from applications and access control systems

IT pros plan to invest in the following to get better visibility and response through security analytics and security intelligence:

SIEM tools

Training

Vulnerability management

"Since the responsibility of securing IT is not just the role of a security expert anymore, it's important for all IT pros to be equipped to tackle security challenges," said Sanjay Castelino, VP and Market Leader, SolarWinds. "For IT pros that don't have a lot of time or budget to invest in managing security, we offer affordable and easy-to-use tools that provide visibility and insight right out of the box. Along with SolarWinds' wider suite of IT management products, our security products have a broad set of features and functionality built in, making security and compliance management accessible to all."

Security Management for Every IT Pro, Organization

Security is everyone's problem. For IT pros that don't spend their day thinking about security yet need the tools to tackle everyday operational security challenges, SolarWinds offers a number of powerful, easy-to-use and affordable products with out-of-the-box security and threat management. From Security Information and Event Management (SIEM) to firewall and patch management and more, IT pros can assess their environments and deploy SolarWinds' IT management products on a need-by-need basis to achieve end-to-end security visibility, including:

SolarWinds Log & Event Manager (LEM) – SIEM; real-time event correlation, endpoint data loss monitoring, active threat responses

SolarWinds Firewall Security Manager (FSM) – Firewall auditing and configuration management

SolarWinds Patch Manager – Endpoint vulnerability management

SolarWinds User Device Tracker (UDT) – Network user and device tracking

SolarWinds Serv-U Managed File Transfer (MFT) Server – Secure file sharing and file transfer

Join SolarWinds at SANS Network Security 2013 Las Vegas

Network Security attendees are invited to stop by booth No. 14 on September 18 to see live demos and to learn from the product experts about SolarWinds LEM, SolarWinds FSM, SolarWinds Patch Manager, SolarWinds UDT, and SolarWinds MFT Server, and to grab some geeky gear.

*The survey was conducted from June 10 – July 19, 2013, resulting in 647 survey responses from IT practitioners, managers and directors in the U.S. and Canada from public- and private-sector small, mid-size and enterprise companies. Public-sector specific results available upon request.

About SolarWinds

SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500 enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our online community, thwack, to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at http://www.solarwinds.com/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5619
Published: 2014-09-29
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame.

CVE-2012-5621
Published: 2014-09-29
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.

CVE-2012-6107
Published: 2014-09-29
Apache Axis2/C does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVE-2012-6110
Published: 2014-09-29
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

CVE-2013-1874
Published: 2014-09-29
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.