Beruflich Dokumente
Kultur Dokumente
January 2016
60%
51%
45%
40%
37%
20%
4%
4%
0%
Increase
2015 451 Research, LLC.
No Change
Decrease
This information is from 451 Research, and contains confidential business information.
It may not be copied or distributed without permission. 2015 451 Research, LLC. All rights reserved.
Security spending growth is greater among large and midsized organizations than
smaller ones (<250 employees).
How would you describe your organizations spending plans for overall
information security over the next 90 days?
Increase
< 250
employees
34%
250-1000
employees
46%
> 1000
employees
48%
Decrease
6%
4%
4%
No Change
61%
50%
48%
In terms of industry verticals, the spending increase is most pronounced in the healthcare
and retail industries. That is not surprising, given recent well-publicized data breaches for
companies in these industries (e.g., BlueCross BlueShield, Anthem, CVS).
Data Breaches Effect on Security Spending
The survey took a closer look at how security spending is being affected by recent headlines
on data breaches, along with reports that government regulatory authorities will be targeting
breached companies that fail to close known vulnerabilities.
A total of 31% said this is causing an increase in their spending for security (6% Significant
Increase; 25% Slight).
How are recent headlines on data breaches, and news that government
regulatory authorities will go after companies who are breached and did
not close known vulnerabilities, affecting your security spend over the
next 90 days?
Significant Increase
6%
Slight Increase
25%
No Change
68%
Slight Decrease
1%
Significant Decrease
0%
This information is from 451 Research, and contains confidential business information.
It may not be copied or distributed without permission. 2015 451 Research, LLC. All rights reserved.
2
57%
22%
17%
3%
Other
2015 451 Research, LLC.
2%
0%
20%
40%
60%
According to 451 Research security analyst Daniel Kennedy, Not being able to separate
information security as a discipline from overall information technology can create a conflict of
interest between the overall goals of IT versus those of security.
We note that the survey shows 39% of respondents saying their company has a dedicated
information security budget with 17% containing everything security related and 22%
containing resources directly attributed to security.
42%
38%
34%
31%
28%
26%
18%
17%
16%
11%
10%
4%
0%
25%
50%
Looking ahead, Hackers/Crackers with Malicious Intent (22%) remains the top security threat
that respondents believe is inadequately covered by their organization and worries them
going forward. Preventing/Detecting Insider Espionage (18%) and Cyber-warfare (12%) are
additional key worries.
This information is from 451 Research, and contains confidential business information.
It may not be copied or distributed without permission. 2015 451 Research, LLC. All rights reserved.
3
22%
18%
12%
7%
7%
6%
6%
6%
4%
3%
3%
6%
0%
5%
10%
15%
20%
25%
14%
11%
9%
8%
6%
6%
5%
5%
5%
4%
4%
4%
3%
3%
3%
11%
This information is from 451 Research, and contains confidential business information.
It may not be copied or distributed without permission. 2015 451 Research, LLC. All rights reserved.
4
18%
17%
Vulnerability Assessment
13%
11%
10%
50%
This information is from 451 Research, and contains confidential business information.
It may not be copied or distributed without permission. 2015 451 Research, LLC. All rights reserved.
5
57%
15%
14%
12%
Other
2%
0%
20%
40%
60%
The complexity of SIEM operations means it can take months or even years for the full
benefits of SIEM to be realized. Indeed, only 32% of respondents believe their company is
achieving greater than 80% utilization of their SIEM installation.
Nearly the same percentage (29%) say they are currently operating at less than 40% of the
efficacy they expected to get from installing their SIEM.
SIEM Inhibitors
We asked respondents about the primary inhibitors to adopting or fully utilizing a SIEM
solution. Lack of Staff Expertise (44%) ranks as the biggest inhibitor, with Inadequate
Staffing (28%) second, followed by Solution Complexity (25%).
SIEM Vendors
Respondents were asked which vendors theyre using for their SIEM solution. A third (33%)
report they are using Splunk, with IBM and HP tied for second (19%).
33%
19%
19%
17%
17%
16%
14%
13%
10%
6%
4%
3%
1%
15%
This information is from 451 Research, and contains confidential business information.
It may not be copied or distributed without permission. 2015 451 Research, LLC. All rights reserved.
6
IBM
HP
54%
39%
29%
44%
52%
1%
9%
65%
6%
Unsatisfied (0-3)
This information is from 451 Research, and contains confidential business information.
It may not be copied or distributed without permission. 2015 451 Research, LLC. All rights reserved.
7