Systems and Security Management Finally Converge

Email     |     Share  
1 | 2 | 3 | 4
Previous Systems and Security Management Finally Converge-1 Next

Click through for results of a recent survey by RSA.

For more years than most IT folks care to remember, there’s been an expectation that systems and security management would one day converge. That convergence, unfortunately, never really happened in large scale enterprises.

But a new survey of 223 IT organizations with less than 2,000 employees that was conducted by The SANS Institute on behalf of RSA, the security division of EMC, finds that the convergence of security and systems management may finally be happening among small-to-medium businesses.

SMB organizations are always hard pressed when it comes to IT staffing, so they can’t really afford dedicated security specialist. The RSA survey found that detecting and preventing unauthorized access and insider abuse was by far and away the most critical reason that IT organizations analyze logs. But in terms of actual usefulness, detection of unauthorized access was edged out by forensic analysis and correlation. That indicates that while log management plays an important role in security, systems management functions are also a primary reason that IT organizations rely on log analyzers.

Unfortunately, the study also finds that searching through log data and analyzing it are the top two challenges IT organizations face when it comes to analyzing log data.

Sam Curry, chief technology officer for marketing at RSA, said increases awareness of compliance issues was driving more SMB customers to embrace log management tools. In addition, customers were looking to do a lot more in terms of root cause analysis to discover potential security threats.

But while EMC is working to automate many of these functions, Curry did not that too many IT professionals distrust any IT automation because they feel they then lack real visibility into their system processes. But at log analyzer tools become more sophisticated and IT professionals becomes more pressed for time, Curry said more IT organizations will embrace these tools despite any perceived trade offs in terms of visibility.

In the meantime, Curry said IT organizations serving SMB companies may actually be more comprehensive in their approach to systems and security information event management (SIEM) because they are relying on log analyzers to perform both functions. In contrast, large scale IT organizations are more likely to have separate systems and security management staffs that rely on different sets of tools. But as Curry notes, the IT organization that shares a common set of tools is more likely to more efficient in terms of the convergence of security and systems management.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Compliance4-190x128 GRC Programs: Building the Business Case for Value

Experience shows that organizations that manage GRC as an integrated program — involving people, processes and technologies — are more successful in delivering value to their organizations ...  More >>

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.