EiQ just completed our annual survey of IT security professionals, which uncovered some interesting findings on how Security Information and Event Management (SIEM) and Log Management technology is actually improving threat management and incident response.
SIEM holds significant potential to help organizations protect valuable data from cyber attacks. However, the survey of 268 IT decision makers found that only 1/3 of organizations have basic SIEM and log management in place.
As a result, 82% of IT professionals are either “concerned” or “very concerned” that their organization will face a security breach in the next year. Moreover, 71% of respondents said they are either “not confident” in their security or “not at all prepared” to manage a potential security breach.
Interestingly, half of companies with SIEM and Log Management products and solutions in place said it took anywhere from a “few weeks” to “a few months” to deploy. This is unchanged compared to last year’s survey results.
This survey confirms what we’ve known for years: a SIEM infrastructure is critical to organizations today, especially in light of the growing threat of a data breach, but advanced network monitoring infrastructure is also necessary to manage their IT security infrastructure. It’s critical for companies to have the infrastructure in place to monitor the network 24x7, anticipate security issues and provide security visibility into the entire organization to identify threats, mitigate risks and enable compliance.
Here are some other key findings from the survey. Take a look at our Infographic, “Navigating IT Risk on Stormy Seas,” as well.
- “Knowing which systems are adequately protected” and “discovering vulnerabilities” are seen as the biggest challenges to Risk Management in 2014
- “Managing complexity” (29%) of SIEM products continues to be the main challenge faced with SIEM systems, followed by “lack of integration” with other network management tools (16%)
- 25% said “compliance” is the number one reason to purchase a SIEM; 24% said “real time threat detection and response” is also a primary driver of SIEM purchases
- 28% said it took a few weeks or more than a month to deploy their latest SIEM product.
- 40% want to replace their SIEM, citing cost savings and superior technology as primary drivers
- “Mobility/BYOD” (41%) followed by “cloud” (31%) will have the biggest impact on risk management for organizations in 2014 according to respondents.