ESG recently published a new research report titled, Security Management and Operations: Changes on the Horizon. As part of the survey, ESG asked 315 security professionals working at enterprise organizations (i.e., more than 1,000 employees) to identify the most important factors driving their organization’s information security strategy in 2012.
The top two responses were quite predictable: 55% said “protecting sensitive data and intellectual property (IP)” while 50% pointed to regulatory compliance. What is interesting is the responses beyond these two traditional security drivers:
- 41% said “addressing new types of threats”
- 39% said “improving/automating security operations”
- 38% said “addressing security issues created by the use of mobile devices”
- 35% said “improving our ability to analyze security data and detect attacks in progress”
- 33% said “aligning security policies and controls with business processes”
This data reinforces some of my general observations about enterprise security:
- Past ESG research on Advanced Persistent Threats (APTs) indicated that a majority of organizations are increasing security budgets as a direct result of advanced malware and targeted attacks. This trend continues, so Countertack, Damballa, FireEye, Invincea, and Trend Micro remain in the catbird seat.
- Security operations is badly broken and needs a complete re-design focused on integration and automation. Good news for vendors like AlienVault, IBM, McAfee, and RSA.
- BYOD is forcing lots of changes to enterprise security. This is why specialists are winning here.
- I’m now certain that the security analytics model is in a rapid state of change--big data, new tools, greater intelligence, etc. The SIEM players are well positioned but I think that this will also push a lot of enterprises toward more managed security services.