Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

04:53 PM
Dark Reading
Dark Reading
Products and Releases

80% Say Network Threats Will Increase In 2010 And 2011 While Budgets Drop

netForensics study results conclude the need for increased budgeting and resources for network security

EDISON, N.J., June 24 /PRNewswire/ -- netForensics, Inc., a leader in the Security Information and Event Management market, today announced a new study, entitled "Security in a Down Economy: Limited Budgets, Less Staff, More Threats," shows a perceived increase in network threats throughout 2010 and into 2011. The study was conducted by netForensics during the week of June 7, 2010 to learn about the impact the economic downturn has had on organizations' security posture and budgets, and the potential consequences organizations will face over the next 12-24 months as a result.

From the 100-plus survey respondents, 85% believe their organization's security environment will grow more complex over the next 24 months, leading to additional security threats in the second half of 2010 and into 2011. Yet, 53% believe their organization is not budgeting enough on security to manage increasing threats. The study results conclude the need for increased budgeting and resources for network security, while also revealing that organizations are failing to maintain or increase security talent in order to prevent the forecasted threats.

"Based on the findings of our study, organizations are cutting security staff to reduce costs, yet the overall perception is that organizations will ultimately face more threats this year and next," said Dale Cline, CEO of netForensics. "It's troublesome to see that companies are not taking measures now to prevent the increasing and undeniable threats to their networks from occurring. With security staff remaining static or decreasing, and budgets not being allocated to put security processes in place, organizations are going to face greater challenges than ever to their security posture."

Additionally, the survey showed that more than 65% of respondents do not feel confident their organization has complete visibility into its security posture at any given point in time. Respondents stated, "My organization is letting security people go," "we allocate enough capital, but we are lacking in allocation of bodies to complete the work," and "[our] organization [is] downsizing and reducing security positions." Still with the increased threats and reduced staff, more than 70% of study respondents would not outsource their security.

"The results of this survey are apparent that security professionals are being asked to do more with less, while, at the same time, the organization is being put at a higher risk," said Tracy Hulver, Executive Vice President of Products and Marketing at netForensics. "The conclusion is that companies need to look at other alternatives such as outsourcing to cloud security, deploying technologies that maximize existing security infrastructure without having to invest in new big-budget items, acquiring technology via security-as-a-service pricing models, or risk being attacked and having costly data theft or critical infrastructure failure."

Other key survey findings include:

-- A combined (63%) of respondents say that the economy has had an impact on their security posture. Over the last 12 months, respondents cited changes to their organizations security staff: increased (15%), decreased (24%) or stayed static (54%). Furthermore, similar opinions were given as to security staff changes over the course of the upcoming 12 months as the economy looks to rebuild: increasing (20%), decreasing (15%), staying static: (51%). -- (56%) of respondents feel that they are more secure today than they were 12 months ago. Yet, (80%) of the security professionals identified could not state the number of raw security events their organization deals with on a daily basis.

About netForensics

netForensics security information and event management solutions enable organizations of all sizes to rapidly identify and respond to threats and adhere to ever-changing compliance regulations. Our software and appliance products collect and centralize volumes of event log data to deliver actionable, real-time security intelligence. For more information, visit: http://www.netforensics.com read the blog or follow us on Twitter.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-11
In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly
PUBLISHED: 2021-05-11
In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects.
PUBLISHED: 2021-05-11
In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS.
PUBLISHED: 2021-05-11
In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.
PUBLISHED: 2021-05-11
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.