SC Magazine has conducted a survey on behalf of ForeScout Technologies amongst 350 corporate executives and consultants that have responsibility for information security covering a range of industries including finance, government, manufacturing, technology and healthcare.
Exploring the way enterprise CISOs currently use security tools and their goals for future security portfolio capabilities around automation, communication and remediation, the survey found that they are looking for more integration and automation among their existing IT security tools, and that most are only periodically monitoring and mitigating events in their network environments.
Proliferation without integration
The survey shows that there is a proliferation of stand-alone security products on the market with around 52% of large enterprises with an annual revenue greater than $1 billion saying that they operate more than 13 different security tools.
However, despite such a large number, respondents believe it's rare for these tools to directly collaborate with each other. 69% of respondents said that aside from their security information and event management (SIEM) systems, they had only a couple of tools that could directly share security-related context or control information.
A need for collaboration
With a response rate of 95%, nearly all large enterprise respondents would find it “helpful or very helpful” if their IT security and management systems shared information about devices, applications, users and vulnerabilities on the network. A further 93% indicated it would be “helpful or very helpful” if a majority of their risk analysis systems were linked to automated security controls such as firewalls, network access control or patch management systems.
The linking of security systems to create a collaborative security network is seen by 78% of respondents as a preventative measure in which such linked systems could automate certain security controls and prevent compromises.
Periodic checks
Around 60% of the survey participants perform just periodic security health checks rather than continuous monitoring and mitigation of their network environments. Such continuous monitoring can help to ensure that all software is up-to-date and patched, leaving gaps in visibility that can be exploited by hackers or malware.
Commenting on the results of the survey, ForeScout Technologies' Chief Strategy Officer, Pedro Abreu said that as many as 6 out of 10 respondents were still just performing periodic monitoring and mitigation despite the fact that the current explosion of endpoint device numbers on corporate networks is creating new entry points into the organisation for cyber criminals.
“Customers are looking for integrated systems that offer the ability to continuously see all devices connected to their network, control access and ensure endpoint compliance while sharing valuable information with other devices to increase overall security posture," he said.
"ForeScout delivers this integrated solution to ensure optimum security and preserving the flow of business,” Pedro Abreu concluded.
More information on the SC survey and its results can be found on the ForeScout Technologies site.
|