Enterprise Security Monitoring Weaknesses Telegraph Lots of Future Cybersecurity Opportunities

In a recent ESG research survey of 257 security professionals working at enterprise organizations (i.e., more than 1,000 employees), respondents were asked to identify where their organizations were weakest with regard to security monitoring. This graphic displays the results:

Big Data Security Analytics Meets Identity and Access Management (IAM)

While most enterprise organizations have SIEM installed, they now realize that these venerable security systems cannot address today’s dangerous threat landscape alone. As a result, many are adding network forensics and big data analytics systems for capturing, processing, and analyzing a whole bunch of additional security data.

In the majority of cases, big data security analytics systems are applied to data such as network packets, packet metadata, e-mails, and transaction systems to help security teams detect malware, phishing sites, and online fraud. Great start, but I’m starting to see another burgeoning focus area – IAM. Of course, many large organizations have IAM tools for user provisioning, SSO, and identity governance, but tracking all the instantiations of user activity remains elusive. In a recent ESG research survey, security professionals were asked to identify their weakest area of security monitoring. More than one-quarter (28%) pointed to “user behavior activity monitoring/visibility” – the highest percentage of all categories.

Enterprises Are Not Monitoring Access to Sensitive Data

If you want to make a cybersecurity professional uncomfortable, simply utter these two words: ‘Data exfiltration.’ Why will this term garner an emotional response? Because data exfiltration is a worst-case outcome of a cyber-attack – think Target, the NY Times, Google Aurora, Titan Rain, etc. Simply stated, ‘data exfiltration’ is a quasi-military term used to describe the theft of sensitive data like credit card numbers, health care records, manufacturing processes, or classified military plans.

Most enterprises now recognize the risks associated with data exfiltration and are reacting with new types of security technologies, granular network segmentation, and tighter access controls. Good start, but what about simply monitoring sensitive data access activities? You know, who accesses the data, how often, what they do, etc.?

Enterprise Security Professionals Identify Mobile Computing Security Challenges

Most companies now provide network access and application support for non-PC devices like smartphones and tablets, and many are developing new applications and business processes designed specifically for these devices. Business managers look at iPhones, Android devices, and even Windows phones and see opportunities for revenue growth, cost cutting, and improved communication everywhere.
