But there are not enough experts to run SIEM software
As media reports of cyber attacks increase in frequency, 44 percent of enterprises are planning to increase their expenditure on information security products and services in the next 90 days, suggests a survey by 451 Research.
Only 4 percent of enterprises are reducing their security spending.
The survey also found that SIEM (Security Information and Event Management) software was capable of solving some of the most frequently quoted security concerns, but adoption was hampered by the lack of staff and skills.
Source: Thiunkstock / ikryannikovgmailcom
According to the quarterly Voice of the Enterprise: Information Security survey, ‘hackers with malicious intent’ have remained the top security concern for 41 percent of respondents.
At the same time 37 percent struggled with compliance requirements, leading security managers to admit that compliance requirements were a key driver in getting projects approved (23 percent), second only to risk assessment (25 percent).
The survey focused its attention on the adoption of SIEM software, which can provide real-time analysis of security alerts generated by network hardware and applications. It can also be used to log security data and generate reports for compliance purposes.
According to the results of the survey, Splunk was named the most popular SIEM solution. It was also the highest rated, followed by McAfee Enterprise Security Manager and SolarWinds SIEM.
However, security managers reported significant obstacles in fully realizing the benefits of SIEM because of lack of expertise (44 percent) and inadequate staffing (28 percent) - only a little over half of enterprises were able to devote more than one professional to their SIEM implementation and monitoring.
“SIEM solutions still retain a reputation for being difficult to set up, difficult to add new feeds to, and difficult to tune,” explained Daniel Kennedy, research director for Information Security at 451 Research.
“That said, their value to the enterprise security manager is increasingly understood, and while many SIEM implementations may have started out as a compliance check mark, they have transcended those roots.”
The Voice of the Enterprise report was based on responses from more than 800 IT professionals, primarily in North America and EMEA.