McAfee Risk and Compliance Outlook Report Finds SIEM and Database Security Are Top Priorities
McAfee Risk and Compliance Outlook Report Finds SIEM and Database
Security Are Top Priorities Annual Report Reveals Organizations are Moving Away from “One Size
Fits All” Approach and are Looking for Best-of-Breed Core Solutions
for Risk and Compliance SANTA CLARA, Calif. - May 29, 2012 - McAfee today announced findings
from its annual study that highlights how IT decision-makers view and
address the challenges of risk and compliance management in a highly
regulated and increasingly complex global business environment. The
report Risk and Compliance Outlook: 2012, found that Database Security
and Security Information and Event Management (SIEM) were among the top
priorities due to increased advanced persistent threats. Database security has been an ongoing concern for organizations due to
highly publicized data breaches and the growing regulatory compliance
demands. The largest portion of an enterprise’s most sensitive and
valuable information resides in databases. When asked about sensitive
database breaches, over one quarter had either had a breach or did not
have the visibility to detect a breach. In addition, respondents listed
databases as the top challenge in meeting regulatory mandates. The other top concern was SIEM, finding that most organizations rely on
legacy systems that do not meet their current needs. Ever changing
threats, data breaches, and IT complexity add to the burden of being
able to monitor security events, detect attacks, and assess real and
potential risk. Approximately 40 per cent of organizations are planning
to implement or update a SIEM solution. While 80 per cent of respondents
cited visibility as very important, security teams remained challenged
in this area. Discovering threats was listed as the top challenge to
managing enterprise risk. Key Findings:
● Similar to the 2011 survey, there is a positive trend in security
budgets for 2012 with 96 per cent of the organizations indicating same
or more expenditure on risk and compliance.
● Organization state “Compliance” as the driver for almost 30 per
cent of IT projects.
● Software and appliance are the top choices for risk and compliance
products. On average, one-third of all organizations prioritized the
upgrade/implementation of unique risk and compliance products to address
vulnerability assessment, patch management, remediation, governance,
risk management and compliance.
● Survey data showed rapid uptake towards hosted
software-as-a-service (SaaS) and virtualization. Nearly 40 per cent of
organizations claim to be moving towards these deployment models in
2012.
● Patch management frequency is a challenge - almost half of the
organizations patch on a monthly basis with one-third doing it on a
weekly basis. Just like last year’s analysis, not all companies are
able to pinpoint threats or vulnerabilities, as a result, 43 per cent
indicate that they over-protect and patch everything they can. “Managing risk through security and compliance continues to be a
leading concern for organizations the world over,” said Jill Kyte,
vice president of security management at McAfee. “Meeting the
requirements of increasingly demanding regulations while reducing
exposure to the new classes of sophisticated threats and having an
accurate understanding of risk and compliance at any point in time - can
be challenging. To address this issue, organizations are looking to
“best-of-breed” solutions to manage all aspects of their risk and
compliance needs and reduce the amount of time spent managing multiple
solutions.” About the Report:
The independent research for the Risk and Compliance Outlook was
conducted by Evaluserve on behalf of McAfee. The survey includes
responses from 438 IT decision makers, consultants and security analysts
from companies with more than 250 worldwide employees who are involved
in evaluation, selection, day-to-day management a
nd maintenance of
security products. Surveys were conducted in Australia, Brazil, Canada,
France, Germany, New Zealand, Singapore, United Kingdom and United
States. To download the report, please visit http://www.mcafee.com/rcoutlook12.
About McAfee
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC),
is the world's largest dedicated security technology company. McAfee
delivers proactive and proven solutions and services that help secure
systems, networks, and mobile devices around the world, allowing users
to safely connect to the Internet, browse and shop the Web more
securely. Backed by its unrivaled Global Threat Intelligence, McAfee
creates innovative products that empower home users, businesses, the
public sector and service providers by enabling them to prove compliance
with regulations, protect data, prevent disruptions, identify
vulnerabilities, and continuously monitor and improve their security.
McAfee is relentlessly focused on constantly finding new ways to keep
our customers safe. http://www.mcafee.com McAfee Canada is headquartered in Markham, Ontario, with regional
offices across Canada. The company's Consumer Software Research and
Development facility in based in Waterloo, Ontario. -30- Note: McAfee is a registered trademark of McAfee, Inc. in the United
States and other countries. Other names and brands may be claimed as the
property of others. For more information, please contact:
Maxine Cheung/Andrew Gouveia
StrategicAmpersand Inc. (for McAfee Canada)
maxine@stratamp.com/andrew@stratamp.com
McAfeePR@stratamp.com
(416) 961-5595
Fits All” Approach and are Looking for Best-of-Breed Core Solutions
for Risk and Compliance SANTA CLARA, Calif. - May 29, 2012 - McAfee today announced findings
from its annual study that highlights how IT decision-makers view and
address the challenges of risk and compliance management in a highly
regulated and increasingly complex global business environment. The
report Risk and Compliance Outlook: 2012, found that Database Security
and Security Information and Event Management (SIEM) were among the top
priorities due to increased advanced persistent threats. Database security has been an ongoing concern for organizations due to
highly publicized data breaches and the growing regulatory compliance
demands. The largest portion of an enterprise’s most sensitive and
valuable information resides in databases. When asked about sensitive
database breaches, over one quarter had either had a breach or did not
have the visibility to detect a breach. In addition, respondents listed
databases as the top challenge in meeting regulatory mandates. The other top concern was SIEM, finding that most organizations rely on
legacy systems that do not meet their current needs. Ever changing
threats, data breaches, and IT complexity add to the burden of being
able to monitor security events, detect attacks, and assess real and
potential risk. Approximately 40 per cent of organizations are planning
to implement or update a SIEM solution. While 80 per cent of respondents
cited visibility as very important, security teams remained challenged
in this area. Discovering threats was listed as the top challenge to
managing enterprise risk. Key Findings:
● Similar to the 2011 survey, there is a positive trend in security
budgets for 2012 with 96 per cent of the organizations indicating same
or more expenditure on risk and compliance.
● Organization state “Compliance” as the driver for almost 30 per
cent of IT projects.
● Software and appliance are the top choices for risk and compliance
products. On average, one-third of all organizations prioritized the
upgrade/implementation of unique risk and compliance products to address
vulnerability assessment, patch management, remediation, governance,
risk management and compliance.
● Survey data showed rapid uptake towards hosted
software-as-a-service (SaaS) and virtualization. Nearly 40 per cent of
organizations claim to be moving towards these deployment models in
2012.
● Patch management frequency is a challenge - almost half of the
organizations patch on a monthly basis with one-third doing it on a
weekly basis. Just like last year’s analysis, not all companies are
able to pinpoint threats or vulnerabilities, as a result, 43 per cent
indicate that they over-protect and patch everything they can. “Managing risk through security and compliance continues to be a
leading concern for organizations the world over,” said Jill Kyte,
vice president of security management at McAfee. “Meeting the
requirements of increasingly demanding regulations while reducing
exposure to the new classes of sophisticated threats and having an
accurate understanding of risk and compliance at any point in time - can
be challenging. To address this issue, organizations are looking to
“best-of-breed” solutions to manage all aspects of their risk and
compliance needs and reduce the amount of time spent managing multiple
solutions.” About the Report:
The independent research for the Risk and Compliance Outlook was
conducted by Evaluserve on behalf of McAfee. The survey includes
responses from 438 IT decision makers, consultants and security analysts
from companies with more than 250 worldwide employees who are involved
in evaluation, selection, day-to-day management a
nd maintenance of
security products. Surveys were conducted in Australia, Brazil, Canada,
France, Germany, New Zealand, Singapore, United Kingdom and United
States. To download the report, please visit http://www.mcafee.com/rcoutlook12.
About McAfee
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC),
is the world's largest dedicated security technology company. McAfee
delivers proactive and proven solutions and services that help secure
systems, networks, and mobile devices around the world, allowing users
to safely connect to the Internet, browse and shop the Web more
securely. Backed by its unrivaled Global Threat Intelligence, McAfee
creates innovative products that empower home users, businesses, the
public sector and service providers by enabling them to prove compliance
with regulations, protect data, prevent disruptions, identify
vulnerabilities, and continuously monitor and improve their security.
McAfee is relentlessly focused on constantly finding new ways to keep
our customers safe. http://www.mcafee.com McAfee Canada is headquartered in Markham, Ontario, with regional
offices across Canada. The company's Consumer Software Research and
Development facility in based in Waterloo, Ontario. -30- Note: McAfee is a registered trademark of McAfee, Inc. in the United
States and other countries. Other names and brands may be claimed as the
property of others. For more information, please contact:
Maxine Cheung/Andrew Gouveia
StrategicAmpersand Inc. (for McAfee Canada)
maxine@stratamp.com/andrew@stratamp.com
McAfeePR@stratamp.com
(416) 961-5595