Addressing IT Security: Automated Tools Needed
-
Addressing IT Security: Automated Tools Needed
New research from Skybox Security looks at ways of handling security vulnerabilities, security tool use and security priorities in the future. -
Tools Usage
The tools most often in use are security information and event management, or SIEM (84%), firewall management (83%), attack detection (81%) and vulnerability management (76%). The least common tools: threat intelligence (62%), forensics (57%) and attack surface visualization (47%). -
High Automation Task
A full 92% of organizations use automated tools to detect vulnerabilities on hosts and servers, and 81% are somewhat or very satisfied with their capabilities performing this task. -
Low Automation Equals Low Satisfaction
54% of organizations use automated tools to assess security controls on cloud-based systems and applications, and 60% are somewhat or very satisfied with their capabilities in performing this activity. -
Pushing Patches
Although most organizations automate the process of pushing patches (74% for servers and 81% for PCs, laptops and workstations), approximately half have primarily or completely manual processes for most other areas, such as remediating misconfigurations and provisioning firewalls. -
New Rules Needed
76% of respondents use data about vulnerabilities and misconfigurations to prioritize vulnerabilities, prioritize and track remediation (71%), comply with regulations (69%) and support incident response (69%). Only 56% use this data continuously or frequently to optimize and clean up firewall rules. -
Weak Threat Analysis
Just a little more than half (52%) of organizations have formal programs for threat analysis and 10% had no program. However, at least two-thirds of the organizations have formal programs for incident response, vulnerability management, and risk and compliance assessment. -
Low Confidence
26% of respondents were somewhat or very dissatisfied about their data collection capabilities relative to security controls for cloud-based systems and applications. -
Surface Visibility Tools Rule
Organizations with an attack surface visibility tool are very satisfied or somewhat satisfied with their security data collection capabilities in four of five areas at least 20 percent more often than companies that did not use a similar tool. -
Can't Get No Satisfaction
Dissatisfaction (somewhat or very dissatisfied) was high in three areas: the ability to analyze and prioritize misconfigurations on servers and network devices (30%), policy violations in system and data access rules (31%) and policy violations in firewall rules (32%). -
High Priorities
Nearly seven in 10 (69%) of organizations place a high/very high priority on managing the remediation of vulnerabilities, followed by analyzing and prioritizing vulnerabilities (65%) and managing the remediation of misconfigurations and rule violations (63%). -
Tools and Capabilities
Nearly two-thirds (63%) of organizations place a high/very high value on obtaining a security analytics tool with the ability to collect and correlate vulnerabili ty data from many tools, followed by capabilities for modeling attack paths to identify how attackers can reach important assets (62%), and a dashboard showing location and systems with the highest risk (61%).
What Partners Need to Know About HP, Inc. 
MSPs Face Big Cybersecurity Talent Gap 
Why Tech Companies Are Eager to Invest in 5G 
The Problem With Partner Referral Programs 
Microsoft Taps Channel for Digital Business 
New Technologies Will Fuel Channel Opportunities 
Channel's Transition to the Cloud Requires More Time 
Microsoft's Cloud Channel Begins to Mature 
Defining MSPs' Goals, Challenges and Tools 
Why Metrics Matter to the Channel New research indicates a direct correlation between the use of automated tools to find and fix vulnerabilities and misconfigurations in security and network devices and satisfaction levels to complete those tasks. A majority of organizations that use automated tools, whether on physical, virtual or cloud networks, were the most satisfied with the ability to perform those activities, according to the survey of 275 IT professionals. The study, released by Skybox Security and conducted by research and marketing firm CyberEdge Group, reveals that remediation and provisioning need the most improvement. Other trouble spots include collecting data about virtual and cloud-based systems and applications, as well as analyzing and remediating firewall rules that violate policies and regulations. These areas need improvement and automation in the immediate future, particularly as many organizations transition to hybrid IT networks, face a shortage of security professionals, and as global regulatory requirements become stricter, according to Skybox. Here are key survey takeaways pointing to trouble spots that solution providers can help address.