ESG Threat Intelligence Research Project
- Isabel Francis
- 8 years ago
Transcription
1 Enterprise Strategy Group: Getting to the bigger truth. ESG Threat Intelligence Research Project, May 2015. Jon Oltsik, Senior Principal Analyst
2 Project Overview
- 304 completed online surveys with IT professionals who are directly involved in the planning, implementation, and/or daily operations of their organization's threat intelligence program, processes, or technologies
- All respondent organizations currently have a threat intelligence program in place and use external threat intelligence data sources
- Enterprise organizations (defined as organizations with 1,000 employees or more) in North America
- Multiple industry verticals including financial, business services, manufacturing and retail
3 Value of Threat Intelligence Sharing Between Federal Agencies and Private Organizations
The US government is pushing initiatives and legislation to enable threat intelligence sharing between federal agencies and private organizations. In your opinion, how valuable would this type of program be for your organization? (Percent of respondents, N=304)
- Highly valuable: 50%
- Somewhat valuable: 44%
- Not very valuable: 4%
- Don't know: 1%
4 Sharing of Internally-derived Threat Intelligence with Other Organizations/Industry ISACs
Does your organization share internally-derived threat intelligence with other organizations and/or industry ISACs? (Percent of respondents, N=304)
- 37%: Yes, my organization regularly shares internally-derived threat intelligence with other organizations and/or industry ISACs
- 45%: Yes, my organization shares internally-derived threat intelligence with other organizations and/or industry ISACs from time-to-time but not on a regular basis
- 10%: No, my organization does not share internally-derived threat intelligence with other organizations and/or industry ISACs today but we plan to do so within the next 12 to 24 months
- 5%: No, my organization does not share internally-derived threat intelligence with other organizations and/or industry ISACs today but we are interested in doing so sometime in the future
- 2%: No, my organization does not share internally-derived threat intelligence with other organizations and/or industry ISACs today and we have no plans or interest in doing so in the future
- 1%: Don't know
5 Top 3 Challenges Experienced with Collecting and Analyzing External Threat Intelligence
Question: Which of the following challenges has your organization experienced with regard to collecting and analyzing external threat intelligence? (Percent of respondents, N=304, multiple responses accepted)
- 32% of organizations have inadvertently blocked legitimate traffic as a result of a problem with their threat intelligence.
- 32% of organizations' threat intelligence is collected and analyzed by different individuals, making it difficult to get a holistic picture of internal and external threats.
- 31% of organizations have threat intelligence collection and analysis workflow, process and integration problems.
6 Future Spending on Threat Intelligence
Which of the following best describes your organization's future spending on its threat intelligence program? (Percent of respondents, N=304)
- 27%: Spending on my organization's threat intelligence program will increase significantly in the next 12 to 18 months
- 45%: Spending on my organization's threat intelligence program will increase somewhat in the next 12 to 18 months
- 25%: Spending on my organization's threat intelligence program will remain about the same in next 12 to 18 months
- 2%: Spending on my organization's threat intelligence program will decrease somewhat in the next 12 to 18 months
- 1%: Spending on my organization's threat intelligence program will decrease significantly in the next 12 to 18 months
7 Organization's Plans for Internal and External Threat Intelligence
As part of its overall cybersecurity strategy, which of the following statements best characterizes your organization's plans for internal and external threat intelligence? (Percent of respondents, N=304)
Bar chart with two series (Internal threat intelligence, External threat intelligence) across six responses:
- My organization plans to collect and analyze significantly more over the next 12 to 24 months
- My organization plans to collect and analyze somewhat more over the next 12 to 24 months
- My organization plans to collect and analyze about the same amount over the next 12 to 24 months as it does today
- My organization plans to collect and analyze somewhat less over the next 12 to 24 months
- My organization plans to collect and analyze significantly less over the next 12 to 24 months
- Don't know
Data labels as they appear in the transcript: 35%, 24%, 37%, 31%, 21%, 19%, 19%, 4%, 6%, 2%, 1%, 1%
8 Top 3 Objectives of Organizations' Threat Intelligence Programs
Question: Which of the following would you characterize as the top three objectives of your organization's threat intelligence program? (Percent of respondents, N=304, three responses accepted)
- 38% seek to improve automated incident prevention.
- 33% seek to use threat intelligence to automate security operations and remediation activity.
- 28% seek to establish a central threat intelligence service to guide the cybersecurity activities of smaller units within the organization.
9 Importance of Threat Intelligence Standards
How important are these sharing standards to your organization? (Percent of respondents, N=280)
- 3%: Not very important, my organization doesn't mandate the use of threat intelligence that meet the sharing standards, but we plan on doing so sometime in the future
- 46%: Somewhat important, my organization would like threat intelligence to meet one of the sharing standards but it's not mandatory
- 51%: Very important, my organization will not consume any threat intelligence unless it meets those standards
10 Demographics (n=304)
- Respondents by Threat Intelligence Purchasing Responsibility: 80% of respondents make or approve purchase decisions related to their organization's threat intelligence program; 20% influence purchase decisions for their organization's threat intelligence program.
- Respondents by Current Responsibility: 58% of respondents in Senior IT management role (e.g. CIO, VP of IT, Director of IT, etc.); 29% IT management; 5% Senior information security management (e.g. CISO, CSO, etc.); 4% IT staff; 4% information security management; 1% information security staff.
- Respondents by Total Number of Employees Worldwide: 35% between 1,000-2,499; 24% between 2,500-4,999; 13% between 5,000-9,999; 6% between 10,000-19,999; 6% between 20,000-29,999; 4% between 30,000-39,000; 10% between 40,000-49,000; 4% with 50,000 or more.
- Respondents by Primary Industry: 23% financial (banking, securities, insurance); 22% manufacturing; 11% health care; 11% retail/wholesale; 8% business services (accounting, legal, consulting, etc.); 6% government (federal, national, state, province, local); 6% communications and media; 15% other.
- Respondents by Organization's Total Revenue ($US): 2% less than $50 million; 2% $ million; 5% $ million; 8% $ million; 17% $ million; 15% $ billion; 20% $ billion; 19% $ billion; 11% $20 billion or more; 2% not applicable (public sector, non profit, etc.)
11 Threat Intelligence Solution
12 Vorstack Value Delivered for Customers
- Vorstack provides a holistic picture of internal and external threats for enterprises: solves the #1 challenge of enterprises in their TI Program
- Vorstack enables sharing with or without attribution: makes it easier to support sharing based on defined policies
- Vorstack addresses the Automation objectives: top 2 objectives of TI Program
- Vorstack uses STIX/TAXII, CybOX and other standards: just what the top enterprises desire
Vorstack delivers actionable threat intelligence in minutes by reducing the noise inherent in threat data and enabling secure and controlled information sharing without attribution.
13 Vorstack ACP (diagram: Enterprise, Threat Feeds, Vorstack ACP, Log Store or SIEM, ACP Dashboard and Trusted Circles, connected by queries)
Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery
More informationOnline File Sharing and Collaboration: Deployment Model Trends
Research Report Abstract: Online File Sharing and Collaboration: Deployment Model Trends By Terri McClure, Senior Analyst and Bill Lundell, Senior Research Analyst With Jennifer Gahm, Senior Project Manager
More informationThe Art of Modern Threat Defense. Paul Davis Director, Advanced Threats Security Solution Architects
The Art of Modern Threat Defense Paul Davis Director, Advanced Threats Security Solution Architects January 2016 Goal of Presentation Who Am I A New World of Pain How we are treating the symptoms Silver
More informationThreat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations
Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations Sponsored by AccessData Independently conducted by Ponemon Institute LLC Publication Date: February 2014 Ponemon Institute
More information2010 State of Virtualization Security Survey
2010 State of Virtualization Security Survey Current opinions, experiences and trends on the strategies and solutions for securing virtual environments 8815 Centre Park Drive Published: April, 2010 Columbia
More informationNext-generation Security Architecture for the Enterprise
White Paper Next-generation Security Architecture for the Enterprise By Jon Oltsik, Senior Principal Analyst October 2014 This ESG White Paper was commissioned by Palo Alto Networks and is distributed
More information2015 State of Artificial Intelligence & Big Data in the Enterprise
2015 State of Artificial Intelligence & Big Data in the Enterprise 2 Table of Contents Introduction...3 Demographics...3 Executive Summary...4 Key Findings...5 Conclusions, Insights and Guidance...8 Respondent
More informationRedefining SIEM to Real Time Security Intelligence
Redefining SIEM to Real Time Security Intelligence David Osborne Security Architect September 18, 2012 Its not paranoia if they really are out to get you Malware Malicious Insiders Exploited Vulnerabilities
More informationHow To Manage Threat Intelligence On A Microsoft Microsoft Iphone Or Ipad Or Ipa Device
Product Brochure ThreatStream Optic ThreatStream Threat Intelligence Platform Imagine being able to make sense of all the threat information that s flowing through your security controls and coming from
More informationResearch Report. Abstract: The Impact of Server Virtualization on Data Protection. September 2010
Research Report Abstract: The Impact of Server Virtualization on Data Protection By Lauren Whitehouse and Bill Lundell With Jennifer Gahm September 2010 2010 Enterprise Strategy Group, Inc. All Rights
More informationWhite. Paper. Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS. January 2013
White Paper Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS By Jon Oltsik, Senior Principal Analyst January 2013 This ESG White Paper was commissioned by McAfee. and is distributed
More informationField Research: Security Metrics Programs
Ramon Krikken Analyst Security and Risk Management Strategies Burton Group Field Research: Security Metrics Programs All Contents 2009 Burton Group. All rights reserved. Security Metrics Programs 2 Field
More information