brightfly.com
Home
Analysis and Commentary
Field Notes and Research
Submit Research Inquiry
Our Advisory Services
About Our Research
About Brightfly
Contact Us
Search

Login

Log in to start commenting, connect with colleagues,
and get our latest Research.
It's free, it's easy, and there
are no lengthy forms to fill
out. Besides, we are a bunch of
security people too, so don't worry.

We won't share your
information with anyone.

Subscribe





Home
PDF Print
Posted by News Desk   
Wednesday, 14 May 2008

RSA and Infosec Surveys Reveal IT Departments Struggle with Vulnerability Management

Poor Satisfaction Levels Reported for Both Audit Preparation and Patch Management, According to Survey Commissioned by Shavlik Technologies

5.12.08 by Vendor

A new survey of IT professionals revealed that new regulatory compliance requirements -- for implementing satisfactory technology solutions to address security vulnerabilities, data leakage and compliance -- remain difficult for enterprise organizations to effectively achieve.

Shavlik Technologies, the market leader in delivering software solutions that rapidly accelerate and continuously improve security and compliance readiness, today announced results of its comprehensive survey of IT and security specialists conducted at both the RSA Conference 2008 and Infosecurity Europe 2008 events last month. The survey of 491 combined conference delegates from Europe and the U.S. identified their top security priorities and what solutions they may have implemented to manage the vulnerabilities that threaten their organizations.

According to the survey results, the top three priorities were: Data Protection / Leakage Prevention 53.2 percent; Internal Network Security 51.8 percent; and Policy and Regulatory Concerns 43.8 percent. Other significant priorities were patch management 38.6 percent and the security of virtualized machines 32.6 percent.

Delegates were also asked about the solutions implemented for audit preparation and patch management and whether they were satisfied with them. For audit preparation, only 60.8 percent indicated that they were satisfied or highly satisfied which suggests that there are a significant proportion of organizations unhappy with their current solutions. Respondents were equally unhappy with patch management solutions with 40 percent reporting they were unsatisfied with their current technology solution.

Despite efforts to apply various technologies companies continue to struggle with efforts to manage and close vulnerability gaps, while concerns over regulatory compliance are driving them to look for more ways to simplify through automation, said Mark Shavlik, CEO, Shavlik Technologies. Generally, organizations struggle to manage their security and compliance needs which leaves them open to attack or the discovery of a weak link by an auditor. Were working with customers to resolve these issues to their satisfaction.

Three quarters of respondents, 75.7 percent, confirmed they were either concerned or highly concerned over compliance with specific mandates such as PCI DSS, ISO 27002, or Sarbanes Oxley. They identified a broad range of solutions to manage the audit processa total of 123, ranging from home grown to a lot of systems from various vendors. Many respondents indicated they continued with manual processes for elements of their patch management process, even though more than 115 different solutions for patch management were identified in the surveys.

Companies are increasingly recognizing the need to automate operations in order to streamline compliance as an ongoing business process. But too many organizations still dont have a standard approach, which leaves gaps in their security infrastructure, added Shavlik. At Shavlik we feel its critical to educate customers on the importance of mature, best-of-breed solutions that simplify, automate, and provide better control over security and compliance management.

About Shavlik Technologies

Shavlik Technologies, LLC delivers enterprise IT organizations robust software solutions that rapidly accelerate and continuously improve security and compliance readiness by simplifying IT operations, and identifying and reliably closing system security gaps. Shavliks solutions provide Rapid Readiness so IT organizations realize continuous security and compliance readiness in a fraction of the time, cost and IT resources required by alternative approaches.

With more than 10,000 customers worldwide, Shavlik enables enterprises to simplify complex IT security and compliance management, providing trustworthy solutions that free up critical IT resources to focus on innovations that drive business growth while lowering costs. Shavlik also licenses its technology to more than 20 leading security and technology companies such as BMC, Juniper, Sophos, Symantec and VMware. For more information, visit Shavlik Technologies at www.shavlik.com.

 

[ Browse news by category ]  [ Read all vendor news ]

 

Recommend this article...




Add as favorites (0) | Link to this | Views: 79

  Comment
RSS comments

Only registered users can write comments.
Please login or register.
 
< Prev   Next >
[ Back ]
© 2009 brightfly.com