Establishing Digital Trust: Don't Sacrifice Security for Convenience
According to the results of a recent Emulex survey of 547 U.S. and European network and security operations professionals, fully 73 percent of IT staff said they currently have unresolved network events.
"An unresolved network event is one in which the root cause has not been established and therefore the risk of reoccurrence has not been mediated," Matt Walmsley, senior marketing manager at Emulex division Endace, told SC Magazine. "These events are still unresolved because these IT pros do not have access to the right post-event forensics tools."
The survey, conducted in the spring of 2014, also found that 77 percent of respondents admitted having reported the root cause of a network or security event to their executive team that turned out to be incorrect, and 79 percent have experienced network events that were attributed to the wrong IT group.
Eighty-seven percent of respondents said that, at least once, they had reported the root cause of a network or security issue to their management but didn't have the information required to be completely accurate in their assessment -- and 39 percent said that had happened at least a few times.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
And 45 percent of IT staff said they monitor network and application performance manually instead of using network monitoring tools -- even though 83 percent said there has been an increase in the number of security events they've investigated in the past year, and 81 percent of security operations respondents said their organization has experienced a network security breach.
Twenty-seven percent of network breaches were discovered through manual searches and user reporting without the use of alerting tools; and 70 percent of network operations respondents have experienced a critical network event that took at least one full business day to diagnose.
More than half of U.S. respondents said network outages or performance degradations cost their organizations more than half a million dollars in revenue per hour.
"IT is facing new challenges related to the growing use of software-defined networking, virtualization and higher performing networks, as well as increasingly more sophisticated attacks on company IT assets," Emulex senior vice president of marketing Shaun Walsh said in a statement.
Similarly, a recent EiQ Networks survey of 268 IT decision makers found that almost one third don't have basic SIEM (security information and event management) and log management solutions in place, and 71 percent said they were either "not confident" in their security or "not at all prepared" to manage a potential security breach.
"In the midst of numerous high profile data security breaches, organizations continue to struggle with ways to monitor, manage and remediate security, risk and compliance issues and it's obvious SIEM is falling short," EiQ vice president of product management Brian Mehlman said at the time.
eSecurity Planet also recently examined the potential benefits of using a managed security service provider (MSSP) to handle a variety of needs, including monitoring -- Gartner is predicting that the cloud-based security services market will be worth $3.1 billion by 2015.