1 Current Trends in Enterprise IT Network Security Key Takeaways Based on 100 Survey Responses © 2016 Lumeta Corporation.

Slides:

Advertisements

Similar presentations

Copyright © 2012, SAS Institute Inc. All rights reserved. Cyber Security threats to Open Government Data Vishal Marria April 2014.

Advertisements

Dark Reading Threat Intelligence Survey Research Findings © 2014 Property of UBM Tech; All Rights Reserved.

Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

Access Control Chapter 3 Part 5 Pages 248 to 252.

The State of Security Management By Jim Reavis January 2003.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Computer Security Fundamentals

seminar on Intrusion detection system

John Felber.  Sources  What is an Intrusion Detection System  Types of Intrusion Detection Systems  How an IDS Works  Detection Methods  Issues.

VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.

Reconnaissance & Enumeration Baseline, Monitor, Detect, Analyze, Respond, & Recover Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago,

Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

InformationWeek 2014 Strategic Security Survey Research Findings © 2014 Property of UBM Tech; All Rights Reserved.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Did You Hear That Alarm? The impacts of hitting the information security snooze button.

Study Results Advanced Persistent Threat Awareness.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

Dell Connected Security Solutions Simplify & unify.

Chapter 1 Information Management In A Global Economy.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.

© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.

Copyright Security-Assessment.com 2004 Vulnerability Management Explained By Peter Benson.

The Changing World of Endpoint Protection

The ProactiveWatch Monitoring Service. Are These Problems For You? Your business gets disrupted when your IT environment has issues Your employee and.

Knowing What You Missed Forensic Techniques for Investigating Network Traffic.

The Real Deal With SIM/SEM The Promise of Security Information / Event Management Scott Sidel Sr. Security Manager Computer Sciences Corp.

Cloud Computing Project By:Jessica, Fadiah, and Bill.

TOP 10 TECHNOLOGY INITIATIVES © Robert G. Parker S-1 Issues Loss or theft of mobile devices Lack of MDM (mobile device management) software Cloud.

Network security Product Group 2 McAfee Network Security Platform.

HP World September 2002 Scott S. Blake, CISSP Vice President, Information Security BindView Corporation Vulnerability Assessment and Action.

Marin Frankovic Datacenter TSP

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. State of Network Security.

MANAGED SECURITY TESTING PROACTIVELY MANAGING VULNERABILITIES.

FFIEC Cyber Security Assessment Tool

Connected Security Your best defense against advanced threats Anne Aarness – Intel Security.

Role Of Network IDS in Network Perimeter Defense.

Regional Telecommunications Workshop on FMRANS 2015 Presentation.

Cognitive & Organizational Challenges of Big Data in Cyber Defence. YALAVARTHI ANUSHA 1.

Security Outsourcing Melissa Karolewski. Overview Introduction Definitions Offshoring MSSP Outsourcing Advice Vendors MSSPs Benefits & Risks Security.

Security and Resilience Pat Looney Brookhaven National Laboratory April 2016.

©2015 Check Point Software Technologies Ltd. 1 [Restricted] ONLY for designated groups and individuals CHECK POINT MOBILE THREAT PREVENTION.

ECAT 4.1 – Rule Your Endpoints What’s New Customer Overview.

Securing Big Data is a business imperative. PROTECT BIG DATA

TruSTAR Sensitive & Proprietary Cloud CISC: Cyber incident exchange and collaboration February, 2016 “We cannot solve problems with the same thinking we.

Keeping your network devices secure Despite constituting the lifeline of every corporate IT infrastructure, network devices happen to be the most notoriously.

HIPS. Host-Based Intrusion Prevention Systems  One of the major benefits to HIPS technology is the ability to identify and stop known and unknown attacks,

Security and resilience for Smart Hospitals Key findings

Increasing Information and Data Security in Today’s Cybersecurity World 2017 Conference Review 6/6/2017.

Deployment Planning Services

Cyber Security Enterprise Risk Management: Key to an Organization’s Resilience Richard A. Spires CEO, Learning Tree International Former CIO, IRS and.

The Game has Changed… Ready or Not! Andrew Willetts Technologies, Inc.

Real-time protection for web sites and web apps against ATTACKS

SECURITY INFORMATION AND EVENT MANAGEMENT

Varonis Overview.

Navigating Security Seas in a Small Ship with a Limited Crew

Brandon Traffanstedt Systems Engineer - Southeast

Panda Adaptive Defense Platform and Services

How to address security, cost, IT and migration concerns

Strategic threat assessment

Managing IT Risk in a digital Transformation AGE

GRC - A Strategic Approach

CyberSecurity Strategy For Defendable ROI

AIR-T11 What We’ve Learned Building a Cyber Security Operation Center: du Case Study Tamer El Refaey Senior Director, Security Monitoring and Operations.

Presentation transcript:

1 Current Trends in Enterprise IT Network Security Key Takeaways Based on 100 Survey Responses © 2016 Lumeta Corporation

2 Objective: Discover current trends in securing large (global) enterprise IT networks Target Industries: Companies with US headquarters, global scale, and 10,000+ employees Target Audience: Executives responsible for Network Security, Network Administration, and related IT functions Total Surveys: 100 executive interviews Research Overview

3 Source: LTM Research; n = 93 An overwhelming majority of IT networking and security executives are confident they can do real-time assessments of their networks from the outside

4 Source: LTM Research; n = 100 And a vast majority are confident that their security and threat procedures are doing the job protecting their information assets

5 IPAM is the most commonly-used method to gather “authoritative” information on systems and devices on the network Source: LTM Research; n = 82 Other: Firewall Outside vendor Homegrown Tools IDS/IPS All manual Other tools as well Server Workstation and In-house Monitoring They use number of commercial and in-house products

6 Almost 90% think they have the ability to compare normal patterns of network cyber activity against new anomalies as they occur Source: LTM Research; n = 91 Of companies which cannot currently compare baseline against new anomalies, half do not plan to invest in this capability

7 And almost 90% also say they monitor communication patterns and routing tables to identify anomalous device interactions Source: LTM Research; n = 90

8 Source: LTM Research; n = But almost half say there are key impediments to attaining network visibility, so they don’t know what they’re missing...

9 Source: LTM Research; n = 90 Despite the view from the majority that they are notified about rogue assets or behavior quickly, industry breach data tells a different story

10 Source: LTM Research; n = 100 Little wonder that 2/3 are concerned they are experiencing an undetected attack right now

11 Source: LTM Research; n = 100 And they are particularly concerned about threats from transitory assets like mobile, virtual and cloud

12 Source: LTM Research; n = 95 Because most say they can’t detect threats fast enough from those transitory assets

13 Source: LTM Research; n = 92 90% say they need to detect breaches of their network within a day, while industry data shows the average duration of a breach is more than six (6) months

14 Nearly one-third of companies do not determine the severity of a network vulnerability Source: LTM Research; n = 72

15 The severity of a network vulnerability is most commonly determined by test attempts to exploit the vulnerability Source: LTM Research; n = 72 Other: 21 use monitoring 24/7 with various tools A combination of things but not allowed to disclose Also network monitoring Handled by Third party company Test & Monitor Third-party tools Use various tools that helps them prioritize

16 70% are pleased with SIEM for real-time analysis of security alerts generated by network hardware and applications… Source: LTM Research; n = 56

17 Despite the high SIEM satisfaction rate, it's puzzling that 42% are manually evaluating threat data and 45% have chosen another platform for automation Source: LTM Research; n = 81 And 42% still ignore or manually evaluate threat data Very concerning!

18 Source: LTM Research; n = 91 Clearly something needs to be done to improve context to minimize data overload of stretched network and security staff

19 Next Steps Do you have any of these concerns in your organization? Are you interested in a case study where Lumeta has helped an organization similar to yours solve these same concerns?

20 Thank You!

21