Addressing IT Security: Automated Tools Needed

 
 
By Gina Roos  |  Posted 2016-10-28 Email
 
 
 
 
 
 
 
 
 
  • Previous
    1 - Addressing IT Security: Automated Tools Needed
    Next

    Addressing IT Security: Automated Tools Needed

    New research from Skybox Security looks at ways of handling security vulnerabilities, security tool use and security priorities in the future.
  • Previous
    2 - Tools Usage
    Next

    Tools Usage

    The tools most often in use are security information and event management, or SIEM (84%), firewall management (83%), attack detection (81%) and vulnerability management (76%). The least common tools: threat intelligence (62%), forensics (57%) and attack surface visualization (47%).
  • Previous
    3 - High Automation Task
    Next

    High Automation Task

    A full 92% of organizations use automated tools to detect vulnerabilities on hosts and servers, and 81% are somewhat or very satisfied with their capabilities performing this task.
  • Previous
    4 - Low Automation Equals Low Satisfaction
    Next

    Low Automation Equals Low Satisfaction

    54% of organizations use automated tools to assess security controls on cloud-based systems and applications, and 60% are somewhat or very satisfied with their capabilities in performing this activity. 
  • Previous
    5 - Pushing Patches
    Next

    Pushing Patches

    Although most organizations automate the process of pushing patches (74% for servers and 81% for PCs, laptops and workstations), approximately half have primarily or completely manual processes for most other areas, such as remediating misconfigurations and provisioning firewalls.
  • Previous
    6 - New Rules Needed
    Next

    New Rules Needed

    76% of respondents use data about vulnerabilities and misconfigurations to prioritize vulnerabilities, prioritize and track remediation (71%), comply with regulations (69%) and support incident response (69%). Only 56% use this data continuously or frequently to optimize and clean up firewall rules.
  • Previous
    7 - Weak Threat Analysis
    Next

    Weak Threat Analysis

    Just a little more than half (52%) of organizations have formal programs for threat analysis and 10% had no program. However, at least two-thirds of the organizations have formal programs for incident response, vulnerability management, and risk and compliance assessment.
  • Previous
    8 - Low Confidence
    Next

    Low Confidence

    26% of respondents were somewhat or very dissatisfied about their data collection capabilities relative to security controls for cloud-based systems and applications.
  • Previous
    9 - Surface Visibility Tools Rule
    Next

    Surface Visibility Tools Rule

    Organizations with an attack surface visibility tool are very satisfied or somewhat satisfied with their security data collection capabilities in four of five areas at least 20 percent more often than companies that did not use a similar tool.
  • Previous
    10 - Can't Get No Satisfaction
    Next

    Can't Get No Satisfaction

    Dissatisfaction (somewhat or very dissatisfied) was high in three areas: the ability to analyze and prioritize misconfigurations on servers and network devices (30%), policy violations in system and data access rules (31%) and policy violations in firewall rules (32%).
  • Previous
    11 - High Priorities
    Next

    High Priorities

    Nearly seven in 10 (69%) of organizations place a high/very high priority on managing the remediation of vulnerabilities, followed by analyzing and prioritizing vulnerabilities (65%) and managing the remediation of misconfigurations and rule violations (63%).
  • Previous
    12 - Tools and Capabilities
    Next

    Tools and Capabilities

    Nearly two-thirds (63%) of organizations place a high/very high value on obtaining a security analytics tool with the ability to collect and correlate vulnerability data from many tools, followed by capabilities for modeling attack paths to identify how attackers can reach important assets (62%), and a dashboard showing location and systems with the highest risk (61%).
 

New research indicates a direct correlation between the use of automated tools to find and fix vulnerabilities and misconfigurations in security and network devices and satisfaction levels to complete those tasks. A majority of organizations that use automated tools, whether on physical, virtual or cloud networks, were the most satisfied with the ability to perform those activities, according to the survey of 275 IT professionals. The study, released by Skybox Security and conducted by research and marketing firm CyberEdge Group, reveals that remediation and provisioning need the most improvement. Other trouble spots include collecting data about virtual and cloud-based systems and applications, as well as analyzing and remediating firewall rules that violate policies and regulations. These areas need improvement and automation in the immediate future, particularly as many organizations transition to hybrid IT networks, face a shortage of security professionals, and as global regulatory requirements become stricter, according to Skybox. Here are key survey takeaways pointing to trouble spots that solution providers can help address.

 
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
























 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date