Connect with us

Hi, what are you looking for?


Management & Strategy

IT Pros Lack Support to Manage Security Intelligence: Survey

SolarWinds, a maker of IT management software, recently released the results of a security survey of more than 600 IT professionals representing a broad range of industries and organization sizes.

SolarWinds, a maker of IT management software, recently released the results of a security survey of more than 600 IT professionals representing a broad range of industries and organization sizes.

Conducted in conjunction with SANS, the goal of the survey was to identify the impact of security threats and the use of security analytics and intelligence to mitigate those threats.

According to the results of the survey, respondents generally agreed that support for managing security today was inadequate. Many are working with a limited budget to manage “information security, compliance and response,” with nearly half of respondents reported spending 20 percent or less of their IT budget on security.

A majority also expressed their need for greater security data visibility and context, and said they plan to invest in training to address those issues.

Not surprisingly, targeted attacks missed by antivirus and other endpoint solutions were a problem for most respondents. In fact, forty-five percent of respondents said their organization experienced one or more attacks that were difficult to detect.

Another 21 percent reported that they lacked enough visibility to even answer the question. Reported “difficult to detect” attacks took, on average, one full week to detect.

The root cause was usually visibility, with specific causes such as:

Advertisement. Scroll to continue reading.

• Not collecting appropriate operational and security data

• Lack of context to observe normal behavior (and set baselines)

• Lack of system and vulnerability awareness IT pros seeking to avoid breaches used data from a variety of sources in their security analytics.

The data most frequently used included:

• Log data from networks and servers

• Network monitoring data

• Access data from applications and access control systems

In the next 12 months, respondents said they also plan to use the following data to improve their security monitoring:

• Security assessment data from endpoint, application and server monitoring tools

• Monitoring and exception data pertaining to internal virtual and cloud environments

• Access data from applications and access control systems

So how do these professionals plan to address these challenges? According to the survey, most plan to invest in the following technologies to get better visibility and response through security analytics and security intelligence:

• SIEM tools

• Training

• Vulnerability management

“Since the responsibility of securing IT is not just the role of a security expert anymore, it’s important for all IT pros to be equipped to tackle security challenges,” said Sanjay Castelino, VP and Market Leader, SolarWinds.

The survey was conducted from June 10 – July 19, 2013, resulting in 647 survey responses from IT practitioners, managers and directors in the U.S. and Canada from public- and private-sector small, mid-size and enterprise companies.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.