CISOs are looking for more integration and automation
Enterprise CISOs are looking for more integration and automation among their existing IT security tools, and that most are only periodically monitoring and mitigating events in their network environments.
A new ForeScout survey collected responses from 350 corporate executives and consultants with information security responsibility across multiple industry verticals, including technology, finance, government, healthcare and manufacturing. The findings explored respondents’ current use of security tools and goals for future security portfolio capabilities around automation, communication and remediation.
Key details include:
Stand-alone security solutions are proliferating: Some 52 percent of large enterprises, defined as organizations with more than $1 billion per year annual revenue, said they operate more than 13 different security tools.
These tools aren’t talking to one another: Despite the large number of security tools in use, the survey identified that it is rare for these tools to directly collaborate with each other. Sixty-nine percent of the participants in the survey said that aside from their security information and event management (SIEM) systems, they had only a couple of tools that could directly share security-related context or control information.
Large enterprises desperately want collaborative security solutions: Ninety-five percent of large enterprise respondents said it would be “helpful or very helpful” if their IT security and management systems shared information about devices, applications, users and vulnerabilities on the network. In addition, 93 percent of large enterprise respondents said it would be “helpful or very helpful” if a majority of their risk analysis systems were linked to automated security controls such as firewalls, network access control, or patch management systems.
Collaborative security seen as preventative measure: The vast majority of respondents (78 percent) said that linking security systems to automated security controls will help prevent future compromise.
Majority of respondents only perform periodic security health checks: Nearly 60 percent of respondents perform periodic, rather than continuous, monitoring and mitigation of their network environments to ensure that all software is up-to-date and patched, leaving gaps in visibility that can be exploited by hackers or malware.
“The explosion of the number of endpoint devices connecting to the network is creating new entry points for cyber criminals into an organization. Yet, survey results found that nearly 60 percent of respondents only perform monitoring and mitigation on a periodic basis of endpoints, instead of continuously,” said Pedro Abreu, chief strategy officer at ForeScout.