Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SC Magazine & ForeScout Survey Results

520 views

Published on

Enterprise CISOs Demand More Integration & Automation From Their Existing IT Security Tools

Published in: Technology
  • Be the first to comment

  • Be the first to like this

SC Magazine & ForeScout Survey Results

  1. 1. © 2015 ForeScout Technologies, Page 2 • How well are IT security managers’ needs being met? – Collaboration between IT security systems – Automation of security controls – Continuous monitoring and mitigation • Finding: Huge gulf between expectation and reality
  2. 2. © 2015 ForeScout Technologies, Page 3 FIREWALL SIEM ATD ENDPOINT EMMVA PATCH IBM IBM
  3. 3. © 2015 ForeScout Technologies, Page 4 Gartner, “Designing an Adaptive Security Architecture for Protection From Advanced Attacks”, Neil MacDonald and Peter Firstbrook, 12 February 2014, refreshed November 19, 2014 “The end result should not be 12 silos of disparate information security solutions. The end goal should be that these different capabilities integrate and share information to build a security protection system that is more adaptive and intelligent overall.” Figure 1. The Four Stages of an Adaptive Protection Architecture Source: Gartner (February 2014)
  4. 4. © 2015 ForeScout Technologies, Page 5 • 345 corporate executives and consultants with information security responsibility • North America • Diverse industries: Technology, financial, government, healthcare, education, manufacturing, utilities, retail
  5. 5. © 2015 ForeScout Technologies, Page 6 “How many security systems (such as, antivirus, mobile device management, vulnerability assessment, firewall, intrusion prevention, web security, email security, encryption, SIEM, data loss prevention, etc.) do you own?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 13Or more security systems
  6. 6. © 2015 ForeScout Technologies, Page 7 “Disregarding your SIEM (if you have one), how many of your security and IT management systems directly share security-related context or control information with one another?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 1to 3directly share security-related context
  7. 7. © 2015 ForeScout Technologies, Page 8 “How many of your existing security systems (such as, vulnerability assessment, network behavior analysis, etc.) and risk analysis systems (such as SIEM solutions) can mitigate risk /threats or remediate problems?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 1to 3can mitigate risks or remediate problems
  8. 8. © 2015 ForeScout Technologies, Page 9 “How helpful would it be if your IT security and management systems were to share information about devices, applications, users, and vulnerabilities on your network?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 95% “Helpful or Very Helpful”
  9. 9. © 2015 ForeScout Technologies, Page 10 “How helpful would it be if the majority of your security systems and risk analysis systems were linked to automated security controls, such as firewalls, network access control or patch management systems?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 93% “Helpful or Very Helpful”
  10. 10. © 2015 ForeScout Technologies, Page 11 1. Current state – Many different IT security systems are being used – Information sharing between systems is rare – Automated mitigation is rare 2. Desired state – Strongly desire more information sharing – Strongly desire more automated mitigation Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention The Gap Is Huge
  11. 11. © 2015 ForeScout Technologies, Page 12 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  12. 12. © 2015 ForeScout Technologies, Page 13 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” “Automated security controls would have allowed us to avoid a compromise or reduce the impact of the compromise that we experienced in the last year” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 57% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  13. 13. © 2015 ForeScout Technologies, Page 14 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” “Automated security controls would have allowed us to avoid a compromise or reduce the impact of the compromise that we experienced in the last year” “Automated security controls will help prevent future compromise” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 57% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 78% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  14. 14. © 2015 ForeScout Technologies, Page 15 “Are your security processes (e.g. assessment and patching) mainly done on a periodic basis (weekly, monthly, etc.) or mainly done continuously?” “Continuous”Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 43% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  15. 15. © 2015 ForeScout Technologies, Page 16 “Are your security processes (e.g. assessment and patching) mainly done on a periodic basis (weekly, monthly, etc.) or mainly done continuously?” “Continuous” “Planning to shift toward continuous in the next 12 to 24 months” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 43% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 64% “Is your organization planning to shift your security processes toward more continuous monitoring and mitigation?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  16. 16. © 2015 ForeScout Technologies, Page 17 IT Security Managers Reality • Strongly want IT security products to share information • Very few IT security products share information
  17. 17. © 2015 ForeScout Technologies, Page 18 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Very few IT security products share information • Very few products automatically mitigate
  18. 18. © 2015 ForeScout Technologies, Page 19 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Continuous monitoring and mitigation • Very few IT security products share information • Very few products automatically mitigate • Slightly less than half of organizations practice continuous monitoring
  19. 19. © 2015 ForeScout Technologies, Page 20 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Continuous monitoring and mitigation • Very few IT security products share information • Very few products automatically mitigate • Slightly less than half of organizations practice continuous monitoring GAP
  20. 20. © 2015 ForeScout Technologies, Page 22

×