IP Products

Risk report

by msecadm4921

The IT security firm McAfee announced findings from its annual study that highlights how IT decision-makers view and address the challenges of risk and compliance management in a highly regulated and increasingly complex global business environment. The report ‘Risk and Compliance Outlook: 2012’ found that Database Security and Security Information and Event Management (SIEM) were among the top priorities due to increased advanced persistent threats.

 

 

Database security has been a concern for organisations due to highly publicised data breaches and the growing regulatory compliance demands. The largest portion of an enterprise’s most sensitive and valuable information resides in databases. When asked about sensitive database breaches, more than one quarter had either had a breach or did not have the visibility to detect a breach. In addition, respondents listed databases as the top challenge in meeting regulatory mandates.

 

The other top concern was SIEM, finding that most organisations rely on legacy systems that do not meet their current needs. Ever changing threats, data breaches, and IT complexity add to the burden of being able to monitor security events, detect attacks, and assess real and potential risk. About 40pc of organisations are planning to implement or update a SIEM solution. While 80pc of respondents cited visibility as very important, security teams remained challenged in this area. Discovering threats was listed as the top challenge to managing enterprise risk.

 

Key Findings:

·         Similar to the 2011 survey, there is a positive trend in security budgets for 2012 with 96pc of the organisations indicating same or more expenditure on risk and compliance.

·         Organisations state ‘Compliance’ as the driver for almost 30pc of IT projects.

·         Software and Appliance are the top choices for risk and compliance products. On average, one-third of all organisations prioritised the upgrade/implementation of unique risk and compliance products to address vulnerability assessment, patch management, remediation, governance, risk management, and compliance.

·         Survey data showed rapid uptake towards Hosted SaaS and Virtualisation. Nearly 40pc of organisations claim to be moving towards these deployment models in 2012.

·         Patch Management frequency is a challenge – almost half of the organisations patch on a monthly basis with one-third doing it on a weekly basis. Just like last year’s analysis, not all companies are able to pinpoint threats or vulnerabilities, as a result, 43pc indicate that they over-protect and patch everything they can.

 

Jill Kyte, vice president of security management at McAfee, said: “Managing risk through security and compliance continues to be a leading concern for organisations the world over. Meeting the requirements of increasingly demanding regulations while reducing exposure to the new classes of sophisticated threats and having an accurate understanding of risk and compliance at any point in time can be challenging. To address this issue, organisations are looking to ‘best-of-breed’ solutions to manage all aspects of their risk and compliance needs and reduce the amount of time spent managing multiple solutions.”

 

About the Report:

The independent research for the Risk and Compliance Outlook was conducted by Evaluserve on behalf of McAfee. The survey includes responses from 438 IT decision makers, consultants and security analysts from companies with more than 250 worldwide employees who are involved in evaluation, selection, day-to-day management and maintenance of security products. Surveys were conducted in Australia, Brazil, Canada, France, Germany, New Zealand, Singapore, United Kingdom and United States. To download the report visit http://www.mcafee.com/rcoutlook12

Related News

  • IP Products

    Supported HP servers

    by Mark Rowe

    Security Buying Group now supplies HP servers for running Aimetis Symphony video management and analytics software. Security Buying Group establishes the IP…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing