Compliance spending is at the heart of many security technology deployments at large and midmarket companies, and with it comes an increasing interest in and data leakage detection capabilities.
A survey of 259 security professionals by IT research firm TheInfoPro has placed event log management as the technology gaining the most attention at Fortune 1000 companies as security pros look to manage log data from multiple security systems and archive it for auditors. Meanwhile, those same companies are evaluating data leakage protection (DLP) technology, which promises to keep tabs on company proprietary data as well as sensitive data, such as Social Security and credit card numbers. Log management and DLP ranked the highest out of a list of about 38 technologies on TheInfoPro's Heat Index, the research firm's ranking of planned technology adoption and funding support for a particular technology.
"Compliance programs are driving certain solutions and log management is one of them," said Bill Trussell, managing director of networking and information security at TheInfoPro. "Organizations we've talked to collect quite a lot of security log information and they need to employ automated systems to process those logs and keep the portions of logs that are important and archive them for reference in the future."
Security spending appears to be rebounding, with 40% of those surveyed indicating increasing security budgets in 2010, according to the survey. About 70% of those surveyed cited spending on IT security at 6% or less of their overall budgets.
Compliance programs are being used more regularly as funding vehicles for security projects. About 75% of firms surveyed said compliance projects were major funding vehicles for security solution procurements, from 52% six months ago, an increase of nearly 50% during the interim period, Trussell said.
More than half of organizations cited increases in their 2010 security budgets specifically to meet regulatory or legal compliance requirements, up from 31% six months ago.
Event log management coupled with SIEM technology
The InfoPro survey found companies interested in event correlation as a very important or extremely important function with SIEM technology. A majority of organizations (70%) are integrating log management into SIEM systems.
SIEM products remained among the top 10 Heat Index technologies for the security management group, Trussell said. Those following the very chaotic SIEM market say companies may find it difficult to properly evaluate vendors since the market is so chaotic. Tripwire Inc. is the latest vendor to enter the SIEM market. Many vendors are competing with similar products, but established names include Arcsight Inc., CA Inc., Intellitactics Inc., IBM, NetIQ Corp. and EMC's RSA Security Division.
Read the full article from here.