It is virtually impossible for information security organizations to keep up with the burgeoning level of alerts using traditional tools.
Boulder, CO. (PRWEB) June 10, 2014
Enterprise Management Associates (EMA), a leading IT and data management research and consulting firm, today released its latest research report entitled, “The Evolution of Data Driven Security.” Based on research criteria defined by EMA Research Director, Security and Risk Management, David Monahan, this report provides insights into IT and Information Security practitioners’ perceptions of their impediments to, and the solutions necessary for, success during this time of Big Data.
Information Security has always been a large producer and consumer of data. More sophisticated best practices combined with expanding compliance and regulatory requirements have almost exponentially accelerated the production and consumption of data. Event and activity logs have grown to Big Data proportions. As a result, traditional log and event management tools and monitoring practices are becoming increasingly insufficient.
“It is virtually impossible for information security organizations to keep up with the burgeoning level of alerts using traditional tools,” says Monahan. “Just as business groups are turning to Big Data, Business Intelligence tools to gain actionable intelligence for solving their complex problems, security analysts, incident responders and forensic analysts need similar capabilities to protect, analyze and respond to the deluge of complex attacks. Research shows that leading edge security organizations are finding these capabilities in the form of Security Analytics and Threat Analytics solutions.”
The research analyzed various aspects of 13 security technologies used in Security Management. These technologies included tools that have been in use for over ten years, such as Web Security Gateways, Network Admission Control (NAC) and Security Event & Incident Management (SIEM), as well as many newcomers such as Advanced Persistent Threat (APT)/ Advanced Targeted Attack (ATA) detection, Cloud Application Security and Advanced Security Analytics (SA) or Threat Analytics (TA).
The era of Big Data has demonstrated to information security, however, that there is more that can, and must, be done to identify threats, reduce risk, address fraud and improve compliance monitoring activities. Practitioners can reap the security value of new forms of structured and unstructured data such as Human Resources records, employee calendars and email, and other data not consumed by traditional log management and SIEM technologies; new adaptive algorithms called Machine Learning and Big Data analysis techniques can be utilized to identify abstract data relationships, anomalies, trends, fraudulent and other behavioral changes within the data. Ultimately, the era of Big Data is driving the next technology evolution.
Key Findings include:
- Over 50% of organizations have not deployed SIEM, a foundational security technology.
- 46% of respondents believe SA/TA is the next evolution in SIEM.
- 95% of SA/TA users received “expected” to “greater than expected” value from their solution.
- 65% of respondents said they need advanced automated response to keep up with security alerts.
- 69% of respondents were “less than confident” to “highly doubtful” they could detect an important security issue before it had significant impact.
- 90% of organizations that have deployed a combination of SIEM, SA/TA and/or APT/ATA experienced reduced false alerts or improved actionable alerts; 100% of organizations that deployed only SA/TA experienced the reduction/improvement.
The EMA “The Evolution of Data Driven Security” Research Report is available online.
For an overview of key highlights from this new research view the on-demand Webinar.
About Enterprise Management Associates
Founded in 1996, Enterprise Management Associates (EMA) is a leading industry analyst firm that provides deep insight across the full spectrum of IT and data management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help its clients achieve their goals. Learn more about EMA research, analysis, and consulting services for enterprise line of business users, IT professionals and IT vendors at http://www.enterprisemanagement.com or blogs.enterprisemanagement.com.