Information Security Trends: Hackers/Crackers Remains Top Security Concern

By Tracy Corbo

Overall IT Security Spending

A total of 45% of respondents say their organization’s information security spending will increase over the next 90 days – down three points from the previous survey in July 2016.

Only 4% say spending will decrease, one-point worse than the previous survey.

Security Technology Adoption

Respondents were asked about their organization’s adoption status for several security technologies. Endpoint Security (86%) is the most widely adopted security technology, followed by Web Content Filtering (80%) and Intrusion Detection/Prevention Systems (IDS/IPS) (76%).

Security Concerns, Pain Points and Threats

Respondents were asked about their information security concerns over the past 90 days. Hackers/Crackers with Malicious Intent (56%, down one point) remains at the top of the list, followed by Compliance (50%). Internal Audit Deficiencies Based on Findings (35%, up one point) and Preventing/Detecting Insider Espionage (26%, up two points) are also issues.

Top Security Pain Points – Past 90 Days. Malicious Software (16%) continues to top the list as the top internal security pain point over the past 90 days (down one point from July). User Behavior (11%) has increased two points since July, eking out the number two spot ahead of Data Loss/Theft (9%, down one point).

Inadequately Addressed Security Threats. Respondents were also asked which security threat they believe is currently inadequately addressed within their organization. The internal problem of Preventing/Detecting Insider Espionage (30%) persists as a bigger threat than external attacks from Hackers/Crackers with Malicious Intent (24%, down three points). Cyber-warfare (14%, up one point) moved up to third since July.

Security Vendors

This section takes a look at the vendors that respondents are using across the various security technology areas.

Endpoint Security. The most common vendor for endpoint security is Symantec (31%), followed by Microsoft (26%) and Intel Security (McAfee) (22%).

Web Content Filtering. In terms of web content filtering services, 24% of respondents are currently using Blue Coat (Symantec) and another 13% are using Forcepoint (previously Websense). These are followed closely by Intel Security (McAfee) (12%).

Intrusion Detection/Prevention Systems (IDS/IPS). Respondents were asked about the primary vendor they are currently using for IDS/IPS and Cisco (29%) ranks as the first choice, with Palo Alto Networks (15%) and Check Point (14%) a more distant second and third.

Mobile Device Management (MDM)/Enterprise Mobility Management (EMM). In terms of the primary vendors that respondents are currently using for mobile security services, AirWatch by VMware (34%) is first, followed by MobileIron (21%). IBM (9%) is a more distant third.

SIEM. The most common vendor respondents are using for their SIEM service is log management vendor Splunk (33%), followed more distantly by SolarWinds (18%) and IBM (18%).

Security Information & Event Management (SIEM)

Taking a closer look at respondents that are currently using a SIEM service, respondents were asked several questions regarding their deployment of SIEM in their organization.

A total of 70% are using SIEM services to satisfy a compliance requirement. However, 90% say they would still would deploy their current SIEM even without a compliance requirement.

Leveraging SIEM. Almost two-thirds (64%) of respondents using SIEM have leveraged their investment to support either virtualized or cloud-based architectures.

You can access a PDF version of this 451 Alliance report here.

If you have any questions about your 451 Alliance membership, please contact 451Alliance@451Research.com
451 Research, LLC does not make any warranties, express or implied, as to the information presented in this report.

APPENDIX: Definitions