Are organizations prepared for a data breach?
82% of IT professionals are either “concerned” or “very concerned” that their organization will face a security breach in the next year, according to EiQ Networks.
71% of respondents said they are either “not confident” in their security or “not at all prepared” to manage a potential security breach. However, even as concern was high and confidence levels in security systems low, nearly one-third of those surveyed said their organization does not have basic SIEM and Log Management in place.
Key takeaways:
- Knowing which systems are adequately protected” and “discovering vulnerabilities” are seen as the biggest challenges to Risk Management in 2014
- Managing complexity” (29%) of SIEM products continues to be the main challenge faced with SIEM systems, followed by “lack of integration” with other network management tools (16%)
- 25% said “compliance” is the number one reason to purchase a SIEM; 24% said “real time threat detection and response” is also a primary driver of SIEM purchases
- 28% said it took a few weeks or more than a month to deploy their latest SIEM product.
- 40% want to replace their SIEM citing cost savings and superior technology as primary drivers
- “Mobility/BYOD” (41%) followed by “cloud” (31%) will have the biggest impact on risk management for organizations in 2014 according to respondents.
Brian Mehlman, Vice President of Product Management, EiQ Networks, said: “”IT security professionals have made clear that not only is a SIEM infrastructure critical to most organizations but advanced network monitoring infrastructure is also necessary to manage their IT security infrastructure. It’s also critical for companies to follow industry best practices like SANS Critical Security Controls while monitoring the network 24×7 to anticipate security issues and provide security visibility into the entire organization to identify threats, mitigate risks and enable compliance.”
Conducted between February 19 and March 7, the study reflects responses from 268 IT decision makers including senior management, security managers, directors, and network and systems engineers across industries including healthcare, government, financial services and retail, with breakouts for small and midsize enterprises.