Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

04:53 PM
Dark Reading
Dark Reading
Products and Releases

80% Say Network Threats Will Increase In 2010 And 2011 While Budgets Drop

netForensics study results conclude the need for increased budgeting and resources for network security

EDISON, N.J., June 24 /PRNewswire/ -- netForensics, Inc., a leader in the Security Information and Event Management market, today announced a new study, entitled "Security in a Down Economy: Limited Budgets, Less Staff, More Threats," shows a perceived increase in network threats throughout 2010 and into 2011. The study was conducted by netForensics during the week of June 7, 2010 to learn about the impact the economic downturn has had on organizations' security posture and budgets, and the potential consequences organizations will face over the next 12-24 months as a result.

From the 100-plus survey respondents, 85% believe their organization's security environment will grow more complex over the next 24 months, leading to additional security threats in the second half of 2010 and into 2011. Yet, 53% believe their organization is not budgeting enough on security to manage increasing threats. The study results conclude the need for increased budgeting and resources for network security, while also revealing that organizations are failing to maintain or increase security talent in order to prevent the forecasted threats.

"Based on the findings of our study, organizations are cutting security staff to reduce costs, yet the overall perception is that organizations will ultimately face more threats this year and next," said Dale Cline, CEO of netForensics. "It's troublesome to see that companies are not taking measures now to prevent the increasing and undeniable threats to their networks from occurring. With security staff remaining static or decreasing, and budgets not being allocated to put security processes in place, organizations are going to face greater challenges than ever to their security posture."

Additionally, the survey showed that more than 65% of respondents do not feel confident their organization has complete visibility into its security posture at any given point in time. Respondents stated, "My organization is letting security people go," "we allocate enough capital, but we are lacking in allocation of bodies to complete the work," and "[our] organization [is] downsizing and reducing security positions." Still with the increased threats and reduced staff, more than 70% of study respondents would not outsource their security.

"The results of this survey are apparent that security professionals are being asked to do more with less, while, at the same time, the organization is being put at a higher risk," said Tracy Hulver, Executive Vice President of Products and Marketing at netForensics. "The conclusion is that companies need to look at other alternatives such as outsourcing to cloud security, deploying technologies that maximize existing security infrastructure without having to invest in new big-budget items, acquiring technology via security-as-a-service pricing models, or risk being attacked and having costly data theft or critical infrastructure failure."

Other key survey findings include:

-- A combined (63%) of respondents say that the economy has had an impact on their security posture. Over the last 12 months, respondents cited changes to their organizations security staff: increased (15%), decreased (24%) or stayed static (54%). Furthermore, similar opinions were given as to security staff changes over the course of the upcoming 12 months as the economy looks to rebuild: increasing (20%), decreasing (15%), staying static: (51%). -- (56%) of respondents feel that they are more secure today than they were 12 months ago. Yet, (80%) of the security professionals identified could not state the number of raw security events their organization deals with on a daily basis.

About netForensics

netForensics security information and event management solutions enable organizations of all sizes to rapidly identify and respond to threats and adhere to ever-changing compliance regulations. Our software and appliance products collect and centralize volumes of event log data to deliver actionable, real-time security intelligence. For more information, visit: http://www.netforensics.com read the blog or follow us on Twitter.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-06-06
The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard.
PUBLISHED: 2020-06-06
showAlert() in the administration panel in Bludit 3.12.0 allows XSS.
PUBLISHED: 2020-06-06
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
PUBLISHED: 2020-06-06
In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle.
PUBLISHED: 2020-06-06
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.