BEDFORD, Mass., June 2 /PRNewswire/ -- RSA, The Security Division of EMC (NYSE: EMC), today released the results of two new research initiatives that explore log management priorities for mid-sized organizations. The first survey, conducted by SANS Institute, is a sampling of data from the SANS Sixth Annual Log Management Survey Report focused on small and mid-sized organizations with less than two thousand employees. This new data ranked security issues highest in criticality for users of log management solutions as compared to regulatory requirements and compliance. The second separate survey of fifty mid-sized organizations, conducted by RSA, offers similar results that security is a primary concern for Security Information and Event Management (SIEM) users.
The SANS survey reports that issues reported are in large part consistent throughout company sizes. However, when breaking down the data, specific to small and mid-sized organizations, the research revealed that almost 80 percent rank detection and prevention highest in criticality. This research reveals a trend that mid-sized organizations better understand the importance of collecting logs and how they get the best information from what is being collected. The top of mind critical issue is detection and prevention suggesting this segment of users needs their log management solutions to handle more than just compliance and reporting. Interestingly respondents reported that logs are most useful for forensic analysis and correlation followed by detection and prevention, both at more than 90 percent, suggesting the needs of mid-sized organizations are becoming more sophisticated and they are demanding more value from their log management systems.
"Up until now, compliance to regulations has been a catalyst, enabling log management to grow and mature as never before," said Sam Curry, RSA's Chief Technologist. "Now that this technology is in place there is the option to better take advantage of some of the more sophisticated Security Information and Event Management (SIEM) tools designed to support the evolving security needs of mid-sized organizations."
"This data suggests that organizations want and need the efficiency of a log management solution to move beyond compliance to security detection, reaction and prevention," said Jerry Shenk, Senior Analyst at SANS, "as well as to augment effective IT and network operations."
RSA conducted a separate survey of mid-sized organizations to better understand the mid-sized market for log management and SIEM. The results confirm suspicions that security is moving up as a top priority in this market. Respondents surveyed revealed the primary usage for their SIEM solution was for security operations functions at 89 percent compared with 54 percent who cited compliance. Moreover, these survey results reported that as many as 66 percent of those surveyed ranked real-time monitoring as most important when evaluating a SIEM vendor. This research also revealed that more than 75 percent felt real-time monitoring is essential.
"We need a flexible and dynamic solution that allows us to quickly adapt to new security threats," said Paolo Bragadini, SOC Manager, Communication Valley. "Having a SIEM solution that allows us to achieve greater security, without over burdening our analysts with too much data, helps us to better streamline costs."
"Security isn't just about packets and compliance for our team," said Charles Beierle, Director of Information Security at RBFCU. "It's about combining information and context to create intelligence useful for making business decisions. Efficiently capturing those two components from all kinds of disparate sources have made the case for continued SIEM investment."
RSA Survey Methodology
- Respondents of survey totaled more than 50 IT executives from organizations of up to 10,000 employees
- Survey was conducted online in Q1 2010
- Survey included a number of industries including financial services, healthcare, high-tech, manufacturing and retail
- Over 15 countries were represented including: US, Argentina, UK, India, South Africa, Canada, Brazil, Pakistan, Egypt, Turkey, Poland, France, Macedonia, Australia, Thailand, Japan, and the Netherlands
SANS Survey Methodology
- Respondents of the survey totaled more than 200 from organizations with less than 2,000 employees
- Nearly 87 percent of respondents held titles of IT manager, director or CIO
- Survey included a number of industries including engineering/construction, energy/utilities, education, financial, healthcare/pharmaceutical, government, manufacturing, retail and telecommunications
Special Webcast - RSA and SANS Survey Review with WhiteHatWorld.com
Join WhiteHatWorld.com's Rich Mogull in a special webcast as he discusses the results of this new research with RSA Senior Product Marketing Manager Debbie Umbach, CISSP.
RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle – no matter where it moves, who accesses it or how it is used.
RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
RSA and EMC are registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other products and/or services mentioned are trademarks of their respective countries.
SOURCE EMC Corporation