According to 451 Research’s new ‘Voice of the Enterprise: Information Security quarterly study’, 44% of enterprise security managers expect to increase their budget in the next 90 days. Only 4% of enterprises are decreasing security spending. Security managers reported significant obstacles however in fully realizing the benefits of Security Information and Event Management (SIEM) solutions because of lack of staff expertise (44.4%) and inadequate staffing (27.8%).
41% of respondents noted ‘hackers with malicious intent’ as their top security concern over the past 90 days, followed by navigating compliance requirements (37%). As a consequence, 23% of security managers noted that compliance requirements were a key driver in getting projects approved, second only to risk assessment cited by 25% of respondents.
“SIEM solutions hold a lot of promise as the centralized solution for unlocking all the secrets held in the logs of enterprise systems and marrying them with the use of threat intelligence,” said Daniel Kennedy, Research Director for Information Security. ”That promise comes at a cost, SIEM solutions still retain a reputation for being difficult to set up, difficult to add new feeds to, and difficult to tune. That said, their value to the enterprise security manager is increasingly understood, and while many SIEM implementations may have started out as a compliance check mark, they have transcended those roots.”
Splunk, Intel Security
More than 32% of the enterprises surveyed name Splunk as their primary Security Information and Event Management (SIEM) platform provider. In the 451 Research Vendor Window, enterprises rated Splunk highest especially for querying capability and the ease of integrating new data feeds. Intel Security is the second highest rated vendor based on evaluations from its 380 existing customers.
The lack of staff expertise and inadequate staffing might soon form an obstacle. As one security manager at a utilities company noted, “There is a shortage of qualified security people in the United States. I think that shortage is at very drought proportions here in [my city], and it’s very difficult to find qualified people.” Given this challenge, only a little over half, 56.9%, of enterprises are able to devote more than one professional to their SIEM implementation and monitoring.
These latest findings from this 451 Research study are based on responses from over 900 IT professionals, primarily in North America and EMEA, including 582 unique vendor evaluations in the third and fourth quarters of 2015.