Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


12:51 PM
Dark Reading
Dark Reading
Products and Releases

IT Pros Lack Security Management Support, Budget & Training

Half of respondents to SANS Institute/SolarWinds survey reported spending 20 percent or less of their IT budget on security

AUSTIN, TX – September 12, 2013 – SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT management software, in conjunction with SANS, today released the results of a security survey* of more than 600 IT professionals representing a broad range of industries and organization sizes. The survey was conducted to identify the impact of security threats and the use of security analytics and intelligence to mitigate those threats.

Survey findings:

Survey respondents generally agreed that support for managing security today was inadequate. Many are working with a limited budget to manage "information security, compliance and response," with nearly half of respondents reported spending 20% or less of their IT budget on security. A majority also expressed their need for greater security data visibility and context, and said they plan to invest in training to address those issues.

Targeted attacks that are missed by antivirus and other point solutions were a problem for most respondents. Forty-five percent of respondents reported that in the past two years their organization experienced one or more attacks that were difficult to detect. Another 21% reported that they lacked enough visibility to even answer the question.

Reported "difficult to detect" attacks took, on average, one full week to detect. The root cause was usually visibility, with specific causes such as:

Not collecting appropriate operational and security data

Lack of context to observe normal behavior (and set baselines)

Lack of system and vulnerability awareness

IT pros seeking to avoid breaches used data from a variety of sources in their security analytics. The data most frequently used included:

Log data from networks and servers

Network monitoring data

Access data from applications and access control systems

In the next 12 months, respondents said they also plan to use the following data to improve their security monitoring:

Security assessment data from endpoint, application and server monitoring tools

Monitoring and exception data pertaining to internal virtual and cloud environments

Access data from applications and access control systems

IT pros plan to invest in the following to get better visibility and response through security analytics and security intelligence:

SIEM tools


Vulnerability management

"Since the responsibility of securing IT is not just the role of a security expert anymore, it's important for all IT pros to be equipped to tackle security challenges," said Sanjay Castelino, VP and Market Leader, SolarWinds. "For IT pros that don't have a lot of time or budget to invest in managing security, we offer affordable and easy-to-use tools that provide visibility and insight right out of the box. Along with SolarWinds' wider suite of IT management products, our security products have a broad set of features and functionality built in, making security and compliance management accessible to all."

Security Management for Every IT Pro, Organization

Security is everyone's problem. For IT pros that don't spend their day thinking about security yet need the tools to tackle everyday operational security challenges, SolarWinds offers a number of powerful, easy-to-use and affordable products with out-of-the-box security and threat management. From Security Information and Event Management (SIEM) to firewall and patch management and more, IT pros can assess their environments and deploy SolarWinds' IT management products on a need-by-need basis to achieve end-to-end security visibility, including:

SolarWinds Log & Event Manager (LEM) – SIEM; real-time event correlation, endpoint data loss monitoring, active threat responses

SolarWinds Firewall Security Manager (FSM) – Firewall auditing and configuration management

SolarWinds Patch Manager – Endpoint vulnerability management

SolarWinds User Device Tracker (UDT) – Network user and device tracking

SolarWinds Serv-U Managed File Transfer (MFT) Server – Secure file sharing and file transfer

Join SolarWinds at SANS Network Security 2013 Las Vegas

Network Security attendees are invited to stop by booth No. 14 on September 18 to see live demos and to learn from the product experts about SolarWinds LEM, SolarWinds FSM, SolarWinds Patch Manager, SolarWinds UDT, and SolarWinds MFT Server, and to grab some geeky gear.

*The survey was conducted from June 10 – July 19, 2013, resulting in 647 survey responses from IT practitioners, managers and directors in the U.S. and Canada from public- and private-sector small, mid-size and enterprise companies. Public-sector specific results available upon request.

About SolarWinds

SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500 enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our online community, thwack, to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at http://www.solarwinds.com/.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-07
MobileIron Core and Connector before, 10.4.x before, 10.5.x before, 10.5.2.x before, and 10.6.x before, and Sentry before 9.7.3 and 9.8.x before 9.8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
PUBLISHED: 2020-07-07
MobileIron Core and Connector before, 10.4.x before, 10.5.x before, 10.5.2.x before, and 10.6.x before allow remote attackers to bypass authentication mechanisms via unspecified vectors.
PUBLISHED: 2020-07-07
MobileIron Core and Connector before, 10.4.x before, 10.5.x before, 10.5.2.x before, and 10.6.x before allow remote attackers to read files on the system via unspecified vectors.
PUBLISHED: 2020-07-07
In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affecte...
PUBLISHED: 2020-07-07
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling `event.preventDefault()` on all new-window events where the `url` or `options` is not ...