By Jillian Koskie
A recent study by 451 Research shows that security spending continues to be strong, with 44.5 percent of the 900 enterprise IT pros surveyed indicating they intend to increase their budgets during the next 90 days. This number compares with only 4 percent of respondents indicating they plan to decrease security spending during the same time period.
When asked to rate their top sources of pain, 14.3 percent of respondents cited user behavior as a top concern for their organizations. Organizational politics, compliance related requirements, and staffing fell next highest on the list of worries.
Surprisingly, cloud security and hardware security rated very low, earning only 3 percent and 0.5 percent of responses respectively.
Based on these results, 451 Research advises that Security Information and Event Management (SIEM) solutions can help IT departments stay on top of an increasingly complex threat environment.
Like a centralized dashboard of information security tools, SIEM solutions essentially log large amounts of security intelligence data that can be used to generate reports and alerts. This kind of data is helpful for predicting security vulnerabilities as much as performing forensic analysis after an attack or breach occurs.
According to 451, SIEM offers "a high ceiling in terms of potential benefits to security monitoring: a way to make reams of logged information from systems and applications relevant and searchable and a way to integrate outside threat intelligence in a meaningful way by marrying it to what's actually happening in the systems' environment."
While the survey did uncover many respondents already taking advantage of SIEM, only 31.9 percent of those believe their organizations are reaching more than 80 percent utilization of these services (with many indicating they are operating at less than 40 percent efficacy).
Given the complexity and potential volume of data, maximizing your SIEM investment requires proper configuration, ongoing monitoring, and skilled management. Achieving these objectives means choosing the right SIEM vendor while managing organization expectations.
According to the study, the best rated SIEM implementation belongs to Splunk. Though not considered to be a true SIEM system, Splunk earned top marks for querying capability, report quality, and integration potential versus big-name competitors like Intel (McAfee), SolarWinds, HP, and IBM.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.