Analytics
9/12/2013
12:51 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

IT Pros Lack Security Management Support, Budget & Training

Half of respondents to SANS Institute/SolarWinds survey reported spending 20 percent or less of their IT budget on security

AUSTIN, TX – September 12, 2013 – SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT management software, in conjunction with SANS, today released the results of a security survey* of more than 600 IT professionals representing a broad range of industries and organization sizes. The survey was conducted to identify the impact of security threats and the use of security analytics and intelligence to mitigate those threats.

Survey findings:

Survey respondents generally agreed that support for managing security today was inadequate. Many are working with a limited budget to manage "information security, compliance and response," with nearly half of respondents reported spending 20% or less of their IT budget on security. A majority also expressed their need for greater security data visibility and context, and said they plan to invest in training to address those issues.

Targeted attacks that are missed by antivirus and other point solutions were a problem for most respondents. Forty-five percent of respondents reported that in the past two years their organization experienced one or more attacks that were difficult to detect. Another 21% reported that they lacked enough visibility to even answer the question.

Reported "difficult to detect" attacks took, on average, one full week to detect. The root cause was usually visibility, with specific causes such as:

Not collecting appropriate operational and security data

Lack of context to observe normal behavior (and set baselines)

Lack of system and vulnerability awareness

IT pros seeking to avoid breaches used data from a variety of sources in their security analytics. The data most frequently used included:

Log data from networks and servers

Network monitoring data

Access data from applications and access control systems

In the next 12 months, respondents said they also plan to use the following data to improve their security monitoring:

Security assessment data from endpoint, application and server monitoring tools

Monitoring and exception data pertaining to internal virtual and cloud environments

Access data from applications and access control systems

IT pros plan to invest in the following to get better visibility and response through security analytics and security intelligence:

SIEM tools

Training

Vulnerability management

"Since the responsibility of securing IT is not just the role of a security expert anymore, it's important for all IT pros to be equipped to tackle security challenges," said Sanjay Castelino, VP and Market Leader, SolarWinds. "For IT pros that don't have a lot of time or budget to invest in managing security, we offer affordable and easy-to-use tools that provide visibility and insight right out of the box. Along with SolarWinds' wider suite of IT management products, our security products have a broad set of features and functionality built in, making security and compliance management accessible to all."

Security Management for Every IT Pro, Organization

Security is everyone's problem. For IT pros that don't spend their day thinking about security yet need the tools to tackle everyday operational security challenges, SolarWinds offers a number of powerful, easy-to-use and affordable products with out-of-the-box security and threat management. From Security Information and Event Management (SIEM) to firewall and patch management and more, IT pros can assess their environments and deploy SolarWinds' IT management products on a need-by-need basis to achieve end-to-end security visibility, including:

SolarWinds Log & Event Manager (LEM) – SIEM; real-time event correlation, endpoint data loss monitoring, active threat responses

SolarWinds Firewall Security Manager (FSM) – Firewall auditing and configuration management

SolarWinds Patch Manager – Endpoint vulnerability management

SolarWinds User Device Tracker (UDT) – Network user and device tracking

SolarWinds Serv-U Managed File Transfer (MFT) Server – Secure file sharing and file transfer

Join SolarWinds at SANS Network Security 2013 Las Vegas

Network Security attendees are invited to stop by booth No. 14 on September 18 to see live demos and to learn from the product experts about SolarWinds LEM, SolarWinds FSM, SolarWinds Patch Manager, SolarWinds UDT, and SolarWinds MFT Server, and to grab some geeky gear.

*The survey was conducted from June 10 – July 19, 2013, resulting in 647 survey responses from IT practitioners, managers and directors in the U.S. and Canada from public- and private-sector small, mid-size and enterprise companies. Public-sector specific results available upon request.

About SolarWinds

SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500 enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our online community, thwack, to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at http://www.solarwinds.com/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-0460
Published: 2014-04-16
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.

CVE-2011-0993
Published: 2014-04-16
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors.

CVE-2011-3180
Published: 2014-04-16
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.

CVE-2011-4089
Published: 2014-04-16
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

CVE-2011-4192
Published: 2014-04-16
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."

Best of the Web