More

    Compliance Outlook: SIEM and Database Security Are Top Priorities

    McAfee recently announced findings from its annual study that highlights how IT decision-makers view and address the challenges of risk and compliance management in a highly regulated and increasingly complex global business environment. The report Risk and Compliance Outlook: 2012, found that Database Security and Security Information and Event Management (SIEM) were among the top priorities due to increased advanced persistent threats.

    Compliance Outlook: SIEM and Database Security Are Top Priorities - slide 1

    Click through for results from a compliance and risk management survey, conducted by McAfee.

    Compliance Outlook: SIEM and Database Security Are Top Priorities - slide 2

    Database security has been an ongoing concern for organizations due to highly publicized data breaches and the growing regulatory compliance demands. The largest portion of an enterprise’s most sensitive and valuable information resides in databases. When asked about sensitive database breaches, over one quarter had either had a breach or did not have the visibility to detect a breach. In addition, respondents listed databases as the top challenge in meeting regulatory mandates.

    Compliance Outlook: SIEM and Database Security Are Top Priorities - slide 3

    The other top concern was SIEM, finding that most organizations rely on legacy systems that do not meet their current needs. Ever changing threats, data breaches, and IT complexity add to the burden of being able to monitor security events, detect attacks, and assess real and potential risk. Approximately 40 percent of organizations are planning to implement or update a SIEM solution. While 80 percent of respondents cited visibility as very important, security teams remained challenged in this area. Discovering threats was listed as the top challenge to managing enterprise risk.

    Compliance Outlook: SIEM and Database Security Are Top Priorities - slide 4

    Similar to the 2011 survey, there is a positive trend in security budgets for 2012 with 96 percent of the organizations indicating same or more expenditure on risk and compliance.

    Compliance Outlook: SIEM and Database Security Are Top Priorities - slide 5

    Organizations state compliance as the driver for almost 30 percent of IT projects.

    Compliance Outlook: SIEM and Database Security Are Top Priorities - slide 6

    Software and appliance are the top choices for risk and compliance products. On average, one-third of all organizations prioritized the upgrade/implementation of unique risk and compliance products to address vulnerability assessment, patch management, remediation, governance, risk management, and compliance.

    Compliance Outlook: SIEM and Database Security Are Top Priorities - slide 7

    Survey data showed rapid uptake towards hosted SaaS and virtualization. Nearly 40 percent of organizations claim to be moving towards these deployment models in 2012.

    Compliance Outlook: SIEM and Database Security Are Top Priorities - slide 8

    Patch management frequency is a challenge – almost half of the organizations patch on a monthly basis with one-third doing it on a weekly basis. Just like last year’s analysis, not all companies are able to pinpoint threats or vulnerabilities, as a result, 43 percent indicate that they over-protect and patch everything they can.

    Latest Articles