SlideShare a Scribd company logo

SC Magazine & ForeScout Survey Results

ForeScout Technologies
ForeScout Technologies

Enterprise CISOs Demand More Integration & Automation From Their Existing IT Security Tools

Technology
1 of 22
© 2015 ForeScout Technologies, Page 2 • How well are IT security managers’ needs being met? – Collaboration between IT security systems – Automation of security controls – Continuous monitoring and mitigation • Finding: Huge gulf between expectation and reality
© 2015 ForeScout Technologies, Page 3 FIREWALL SIEM ATD ENDPOINT EMMVA PATCH IBM IBM
© 2015 ForeScout Technologies, Page 4 Gartner, “Designing an Adaptive Security Architecture for Protection From Advanced Attacks”, Neil MacDonald and Peter Firstbrook, 12 February 2014, refreshed November 19, 2014 “The end result should not be 12 silos of disparate information security solutions. The end goal should be that these different capabilities integrate and share information to build a security protection system that is more adaptive and intelligent overall.” Figure 1. The Four Stages of an Adaptive Protection Architecture Source: Gartner (February 2014)
© 2015 ForeScout Technologies, Page 5 • 345 corporate executives and consultants with information security responsibility • North America • Diverse industries: Technology, financial, government, healthcare, education, manufacturing, utilities, retail
© 2015 ForeScout Technologies, Page 6 “How many security systems (such as, antivirus, mobile device management, vulnerability assessment, firewall, intrusion prevention, web security, email security, encryption, SIEM, data loss prevention, etc.) do you own?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 13Or more security systems
© 2015 ForeScout Technologies, Page 7 “Disregarding your SIEM (if you have one), how many of your security and IT management systems directly share security-related context or control information with one another?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 1to 3directly share security-related context
© 2015 ForeScout Technologies, Page 8 “How many of your existing security systems (such as, vulnerability assessment, network behavior analysis, etc.) and risk analysis systems (such as SIEM solutions) can mitigate risk /threats or remediate problems?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 1to 3can mitigate risks or remediate problems
© 2015 ForeScout Technologies, Page 9 “How helpful would it be if your IT security and management systems were to share information about devices, applications, users, and vulnerabilities on your network?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 95% “Helpful or Very Helpful”
© 2015 ForeScout Technologies, Page 10 “How helpful would it be if the majority of your security systems and risk analysis systems were linked to automated security controls, such as firewalls, network access control or patch management systems?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 93% “Helpful or Very Helpful”
© 2015 ForeScout Technologies, Page 11 1. Current state – Many different IT security systems are being used – Information sharing between systems is rare – Automated mitigation is rare 2. Desired state – Strongly desire more information sharing – Strongly desire more automated mitigation Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention The Gap Is Huge
© 2015 ForeScout Technologies, Page 12 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
© 2015 ForeScout Technologies, Page 13 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” “Automated security controls would have allowed us to avoid a compromise or reduce the impact of the compromise that we experienced in the last year” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 57% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
© 2015 ForeScout Technologies, Page 14 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” “Automated security controls would have allowed us to avoid a compromise or reduce the impact of the compromise that we experienced in the last year” “Automated security controls will help prevent future compromise” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 57% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 78% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
© 2015 ForeScout Technologies, Page 15 “Are your security processes (e.g. assessment and patching) mainly done on a periodic basis (weekly, monthly, etc.) or mainly done continuously?” “Continuous”Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 43% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
© 2015 ForeScout Technologies, Page 16 “Are your security processes (e.g. assessment and patching) mainly done on a periodic basis (weekly, monthly, etc.) or mainly done continuously?” “Continuous” “Planning to shift toward continuous in the next 12 to 24 months” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 43% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 64% “Is your organization planning to shift your security processes toward more continuous monitoring and mitigation?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
© 2015 ForeScout Technologies, Page 17 IT Security Managers Reality • Strongly want IT security products to share information • Very few IT security products share information
© 2015 ForeScout Technologies, Page 18 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Very few IT security products share information • Very few products automatically mitigate
© 2015 ForeScout Technologies, Page 19 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Continuous monitoring and mitigation • Very few IT security products share information • Very few products automatically mitigate • Slightly less than half of organizations practice continuous monitoring
© 2015 ForeScout Technologies, Page 20 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Continuous monitoring and mitigation • Very few IT security products share information • Very few products automatically mitigate • Slightly less than half of organizations practice continuous monitoring GAP
© 2015 ForeScout Technologies, Page 22

Recommended

ForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk Report
Forescout Technologies Inc
 
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTTransforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Forescout Technologies Inc
 
How Secure Is Your Building Automation System?
How Secure Is Your Building Automation System? How Secure Is Your Building Automation System?
How Secure Is Your Building Automation System?
Forescout Technologies Inc
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
DLT Solutions
 
Frost & Sullivan Report
Frost & Sullivan ReportFrost & Sullivan Report
Frost & Sullivan Report
Forescout Technologies Inc
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
Forescout Technologies Inc
 
The Internet of Things Isn't Coming, It's Here
The Internet of Things Isn't Coming, It's HereThe Internet of Things Isn't Coming, It's Here
The Internet of Things Isn't Coming, It's Here
Forescout Technologies Inc
 
Shining a Light on Shadow Devices
Shining a Light on Shadow DevicesShining a Light on Shadow Devices
Shining a Light on Shadow Devices
Forescout Technologies Inc
 

Recommended

ForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk ReportForeScout IoT Enterprise Risk Report
ForeScout IoT Enterprise Risk Report
Forescout Technologies Inc
 
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoTTransforming Smart Building Cybersecurity Strategy for the Age of IoT
Transforming Smart Building Cybersecurity Strategy for the Age of IoT
Forescout Technologies Inc
 
How Secure Is Your Building Automation System?
How Secure Is Your Building Automation System? How Secure Is Your Building Automation System?
How Secure Is Your Building Automation System?
Forescout Technologies Inc
 
Symantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security SolutionSymantec and ForeScout Delivering a Unified Cyber Security Solution
Symantec and ForeScout Delivering a Unified Cyber Security Solution
DLT Solutions
 
Frost & Sullivan Report
Frost & Sullivan ReportFrost & Sullivan Report
Frost & Sullivan Report
Forescout Technologies Inc
 
Network Access Control (NAC)
Network Access Control (NAC)Network Access Control (NAC)
Network Access Control (NAC)
Forescout Technologies Inc
 
The Internet of Things Isn't Coming, It's Here
The Internet of Things Isn't Coming, It's HereThe Internet of Things Isn't Coming, It's Here
The Internet of Things Isn't Coming, It's Here
Forescout Technologies Inc
 
Shining a Light on Shadow Devices
Shining a Light on Shadow DevicesShining a Light on Shadow Devices
Shining a Light on Shadow Devices
Forescout Technologies Inc
 
Network Access Control Market Trends, Technological Analysis and Forecast Rep...
Network Access Control Market Trends, Technological Analysis and Forecast Rep...Network Access Control Market Trends, Technological Analysis and Forecast Rep...
Network Access Control Market Trends, Technological Analysis and Forecast Rep...
natjordan6
 
Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems
Zoe Gilbert
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
GGV Capital
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
Andris Soroka
 
Throughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security ControlThroughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security Control
Aruj Thirawat
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
Symantec
 
Zero Trust Cybersecurity for Microsoft Azure Cloud
Zero Trust Cybersecurity for Microsoft Azure Cloud Zero Trust Cybersecurity for Microsoft Azure Cloud
Zero Trust Cybersecurity for Microsoft Azure Cloud
Block Armour
 
Outlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityOutlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber Security
Mastel Indonesia
 
Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022) Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022)
Research On Global Markets
 
IOT Security
IOT SecurityIOT Security
IOT Security
Sylvain Martinez
 
Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it
Moon Technolabs Pvt. Ltd.
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Control
jwpiccininni
 
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2
David Spinks
 
Government-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefGovernment-ForeScout-Solution-Brief
Government-ForeScout-Solution-Brief
Jonathan Reyes
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
Forest Interactive
 
LIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityLIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming Security
Robert Herjavec
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
Intel® Software
 
2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?
IBM Security
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT Systems
Security Innovation
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
Block Armour
 
Mobility Security - A Business-Centric Approach
Mobility Security - A Business-Centric ApproachMobility Security - A Business-Centric Approach
Mobility Security - A Business-Centric Approach
Omar Khawaja
 
16231
1623116231
16231
James Grant
 

More Related Content

What's hot

Government-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefGovernment-ForeScout-Solution-Brief
Government-ForeScout-Solution-Brief
Jonathan Reyes
 
2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?
IBM Security
 

What's hot (20)

Network Access Control Market Trends, Technological Analysis and Forecast Rep...
Network Access Control Market Trends, Technological Analysis and Forecast Rep...Network Access Control Market Trends, Technological Analysis and Forecast Rep...
Network Access Control Market Trends, Technological Analysis and Forecast Rep...
 
Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
 
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
DSS ITSEC Webinars 2013 - Network Access Control + Mobile Security (Forescout)
 
Throughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security ControlThroughwave Day 2015 - ForeScout Automated Security Control
Throughwave Day 2015 - ForeScout Automated Security Control
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
 
Zero Trust Cybersecurity for Microsoft Azure Cloud
Zero Trust Cybersecurity for Microsoft Azure Cloud Zero Trust Cybersecurity for Microsoft Azure Cloud
Zero Trust Cybersecurity for Microsoft Azure Cloud
 
Outlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityOutlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber Security
 
Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022) Global Cybersecurity Market (2017 - 2022)
Global Cybersecurity Market (2017 - 2022)
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it Bolstering the security of iiot applications – how to go about it
Bolstering the security of iiot applications – how to go about it
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Control
 
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2
 
Government-ForeScout-Solution-Brief
Government-ForeScout-Solution-BriefGovernment-ForeScout-Solution-Brief
Government-ForeScout-Solution-Brief
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
 
LIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming SecurityLIFT OFF 2017: Transforming Security
LIFT OFF 2017: Transforming Security
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT Systems
 
Next-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space AgeNext-generation Zero Trust Cybersecurity for the Space Age
Next-generation Zero Trust Cybersecurity for the Space Age
 

Similar to SC Magazine & ForeScout Survey Results

SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
Norm Barber
 
3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
IBM Security
 
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
IBM Security
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats
IBM Security
 

Similar to SC Magazine & ForeScout Survey Results (20)

Mobility Security - A Business-Centric Approach
Mobility Security - A Business-Centric ApproachMobility Security - A Business-Centric Approach
Mobility Security - A Business-Centric Approach
 
16231
1623116231
16231
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
 
Website Security Statistics Report 2013
Website Security Statistics Report 2013Website Security Statistics Report 2013
Website Security Statistics Report 2013
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planet
 
The 10 most promising enterprise security solution providers 2019
The 10 most promising enterprise security solution providers 2019The 10 most promising enterprise security solution providers 2019
The 10 most promising enterprise security solution providers 2019
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
 
2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update2015 Energy Industry Cybersecurity Research Update
2015 Energy Industry Cybersecurity Research Update
 
3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small Enterprise
 
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
 
IBM Seguridad Móvil - Acompaña tu estrategia BYOD
IBM Seguridad Móvil - Acompaña tu estrategia BYODIBM Seguridad Móvil - Acompaña tu estrategia BYOD
IBM Seguridad Móvil - Acompaña tu estrategia BYOD
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and Trends
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats
 
IBM Security Products: Intelligence, Integration, Expertise
IBM Security Products: Intelligence, Integration, ExpertiseIBM Security Products: Intelligence, Integration, Expertise
IBM Security Products: Intelligence, Integration, Expertise
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
Cognitive security
Cognitive securityCognitive security
Cognitive security
 
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko5 steps-to-mobile-risk-management-whitepaper-golden-gekko
5 steps-to-mobile-risk-management-whitepaper-golden-gekko
 
CS Sakerhetsdagen 2015 IBM Feb 19
CS Sakerhetsdagen 2015 IBM Feb 19CS Sakerhetsdagen 2015 IBM Feb 19
CS Sakerhetsdagen 2015 IBM Feb 19
 

Recently uploaded

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 

Recently uploaded (20)

Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

SC Magazine & ForeScout Survey Results

  • 1.
  • 2. © 2015 ForeScout Technologies, Page 2 • How well are IT security managers’ needs being met? – Collaboration between IT security systems – Automation of security controls – Continuous monitoring and mitigation • Finding: Huge gulf between expectation and reality
  • 3. © 2015 ForeScout Technologies, Page 3 FIREWALL SIEM ATD ENDPOINT EMMVA PATCH IBM IBM
  • 4. © 2015 ForeScout Technologies, Page 4 Gartner, “Designing an Adaptive Security Architecture for Protection From Advanced Attacks”, Neil MacDonald and Peter Firstbrook, 12 February 2014, refreshed November 19, 2014 “The end result should not be 12 silos of disparate information security solutions. The end goal should be that these different capabilities integrate and share information to build a security protection system that is more adaptive and intelligent overall.” Figure 1. The Four Stages of an Adaptive Protection Architecture Source: Gartner (February 2014)
  • 5. © 2015 ForeScout Technologies, Page 5 • 345 corporate executives and consultants with information security responsibility • North America • Diverse industries: Technology, financial, government, healthcare, education, manufacturing, utilities, retail
  • 6. © 2015 ForeScout Technologies, Page 6 “How many security systems (such as, antivirus, mobile device management, vulnerability assessment, firewall, intrusion prevention, web security, email security, encryption, SIEM, data loss prevention, etc.) do you own?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 13Or more security systems
  • 7. © 2015 ForeScout Technologies, Page 7 “Disregarding your SIEM (if you have one), how many of your security and IT management systems directly share security-related context or control information with one another?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 1to 3directly share security-related context
  • 8. © 2015 ForeScout Technologies, Page 8 “How many of your existing security systems (such as, vulnerability assessment, network behavior analysis, etc.) and risk analysis systems (such as SIEM solutions) can mitigate risk /threats or remediate problems?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 1to 3can mitigate risks or remediate problems
  • 9. © 2015 ForeScout Technologies, Page 9 “How helpful would it be if your IT security and management systems were to share information about devices, applications, users, and vulnerabilities on your network?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 95% “Helpful or Very Helpful”
  • 10. © 2015 ForeScout Technologies, Page 10 “How helpful would it be if the majority of your security systems and risk analysis systems were linked to automated security controls, such as firewalls, network access control or patch management systems?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study. Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention 93% “Helpful or Very Helpful”
  • 11. © 2015 ForeScout Technologies, Page 11 1. Current state – Many different IT security systems are being used – Information sharing between systems is rare – Automated mitigation is rare 2. Desired state – Strongly desire more information sharing – Strongly desire more automated mitigation Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM Data loss prevention The Gap Is Huge
  • 12. © 2015 ForeScout Technologies, Page 12 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  • 13. © 2015 ForeScout Technologies, Page 13 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” “Automated security controls would have allowed us to avoid a compromise or reduce the impact of the compromise that we experienced in the last year” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 57% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  • 14. © 2015 ForeScout Technologies, Page 14 “More integrated controls would help our IT organization identify, investigate, respond and resolve security incidents” “Automated security controls would have allowed us to avoid a compromise or reduce the impact of the compromise that we experienced in the last year” “Automated security controls will help prevent future compromise” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 97% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 57% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 78% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  • 15. © 2015 ForeScout Technologies, Page 15 “Are your security processes (e.g. assessment and patching) mainly done on a periodic basis (weekly, monthly, etc.) or mainly done continuously?” “Continuous”Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 43% Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  • 16. © 2015 ForeScout Technologies, Page 16 “Are your security processes (e.g. assessment and patching) mainly done on a periodic basis (weekly, monthly, etc.) or mainly done continuously?” “Continuous” “Planning to shift toward continuous in the next 12 to 24 months” Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 43% Antivirus Mobile device management Vulnerability assessment Firewall Intrusion prevention Web security Email security Encryption SIEM 64% “Is your organization planning to shift your security processes toward more continuous monitoring and mitigation?” Answers were obtained by SC Magazine as part of 2015 IT Security Collaboration Market Study.
  • 17. © 2015 ForeScout Technologies, Page 17 IT Security Managers Reality • Strongly want IT security products to share information • Very few IT security products share information
  • 18. © 2015 ForeScout Technologies, Page 18 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Very few IT security products share information • Very few products automatically mitigate
  • 19. © 2015 ForeScout Technologies, Page 19 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Continuous monitoring and mitigation • Very few IT security products share information • Very few products automatically mitigate • Slightly less than half of organizations practice continuous monitoring
  • 20. © 2015 ForeScout Technologies, Page 20 IT Security Managers Reality • Strongly want IT security products to share information • Strongly want IT security products to automatically mitigate threats • Continuous monitoring and mitigation • Very few IT security products share information • Very few products automatically mitigate • Slightly less than half of organizations practice continuous monitoring GAP
  • 21.
  • 22. © 2015 ForeScout Technologies, Page 22

Editor's Notes

  1. Thank you. We are pleased to present the results of this market research which had some very interesting results.
  2. And if I can summarize what we found in one sentence, it it was that there is a huge gulf between IT managers’ expectations and reality. I’ll share the details with you in just a minute.
  3. The study was primarily designed to explore this issue of collaboration. You can see various types of security products listed on this slide, from various different vendors. [CLICK TO ADVANCE] These logos are representative of the products in each category. How many of these products are talking with one another? We wanted to find out because we think it is and important issue. And it is not just ForeScout who thinks it is important.
  4. Gartner also thinks it is important. About a year ago, they came out with a security model that they call the Adaptive Security Architecture. They recommend that every enterprises have twelve different categories of security capability. Going around this chart in a clockwise direction, you can see that some of the capabilities are intended to help predict whether your organization is going to be attacked, some will help you prevent a security breach, some will help you detect a security breach, and some will help you respond to a security breach. Different categories of products, somewhat like I showed you on the last slide. But Gartner said that the end result should not be 12 silos of disparate information security solutions. The end goal should be that these different capabilities integrate and share information to build a security protection system that is more adaptive and intelligent overall.
  5. So ForeScout worked with SC Magazine to conduct a market study, and we surveyed 345 corporate executives and consultants in North America. OK, so let’s get into it. What did we find out?
  6. The first question that we asked was: How many IT security systems do you own? And the answer was quite a few. Over half of the large enterprises, which we defined as organizations with over $1 billion in annual revenue, said that they had 13 or more security systems.
  7. Then we asked – how many of your IT security systems share information with each other? The majority of respondents said very few, just 1 to 3 systems directly shared security information.
  8. Then we asked: “How many of Your IT Security Systems Can Automatically Mitigate Risk Or Remediate Problems?” Again, the majority of respondents said between 1 and 3 of their existing systems could do this.
  9. So next we wanted to find out how important IT security managers believe that information sharing would be. It’s one thing for ForeScout and Gartner to say it is helpful, but we wanted to hear from customers. So we asked the question. Here we found a huge percentage – 95% of respondents said that it would be helpful or very helpful.
  10. We asked the same question about automation. Again we found a huge percentage – 93% of large enterprise customers said that it would be helpful or very helpful.
  11. So let me summarize the results so far. We found a huge gap between the current state and the desired state. Few systems are sharing information, and few systems can initiate automated risk mitigation actions, despite the fact that this is exactly what enterprise IT managers what to happen.
  12. Now let me move on and present some other results of the survey. We asked respondents: “why is more IT security system collaboration helpful?” We received a variety of rsponses. 97% said that more integrated controls would help identify, investigate, respond and resolve security incidents.
  13. 57% said that Automated security controls would have allowed the organization to avoid a compromise or reduce the impact of the compromise that they experienced in the last year
  14. And 75% said that more automation would help prevent future compromise. These answers were not mutually exclusive, which is why the totals add up to more than 100%. We wanted to get reactions to each of these statements.
  15. 43% or respondents said that their security processes are continous
  16. 64% said that they were planning to shift towards continuous monitoring in the next 12 to 24 months.
  17. So those were the major conclusions of the market study. TO summarize: We found that IT security managers strongly want their products to share information, but few do.
  18. We found that IT security managers want automated controls, but few products can do this.
  19. And we found that with respect to continuous monitoring and mitigation, slightly less than half of the organizations were practicing this today, but most organizations were planning to do this in the future.
  20. And we found a large gap between desire and reality.