Editor’s Note: The report, “Empty battlements – enemy inside the gates: Why IT managers need to make time for SIEM is attached here.
From: IT Security Pro
A study carried out by SecureData says that businesses are increasingly coming under threat of attack from both inside their organisation and outside.
The independent IT security service provider – which estimates that UK businesses alone lose £21bn a year to cybercrime – says the research sought to identify how businesses are struggling to manage their Security Information and Event Management (SIEM) systems, leaving them vulnerable to security attacks, data breaches, and compliance issues.
The report – entitled `Empty battlements – enemy inside the gates’ – concludes that 62pc of respondents’ businesses have an internal system as their IT central logging system, whilst the biggest challenge faced by 59pc of IT managers with regard to IT logs and systems is having the time and resource availability required to regularly monitor logs for suspicious behaviour.
Interestingly, 43pc of respondents see the ability of their business to detect internal and external threats – such as the latest zero-day vulnerabilities – as a high risk IT security challenge.
42pc of professionals, meanwhile, said they believe that managing multiple systems (e.g. network, Windows server, Unix, security) with different teams supporting each and controlling logs – defined as having no single point of control policies – represents a high risk IT security challenge.
Etienne Greeff, managing director with SecureData, said that businesses are clearly struggling to stay on top of the management, reporting and analysis of their Security Information and Event Management (SIEM) systems.
“Rather than fire-fighting the situation [however], businesses should be seeking the support of an outsourced solution, so they meet compliance standards and reduce the risk of security attacks on their data,” he said.
The Vanson Bourne Omnibus survey of 100 IT managers in large UK enterprises found that a large number of IT managers control their central IT logging system in-house – yet they admit what a huge challenge it is to find the time and resources to manage these systems, and all that they encompass, adequately and effectively.
“With near-on half of IT managers feeling that their inability to detect internal and external threats is putting their businesses at huge risk, this illustrates that now is the time for them to act,” the study notes.
The report goes on to say that businesses need a system that supports both day-to-day system management and resilience with advanced cyber threat defence, detection and response to protect their networks from a rapidly evolving threat landscape.
“They need real-time detection of anomalies and alerting, advanced correlation and pattern recognition for forensic analysis and rapid analysis of the cause of any threats,” it notes.
Leave a Reply