We are happy to announce the results of the annual survey of Security Implementation Status and Industry Benchmarking, in which 410 companies have participated in the enterprise segment. This is a preview of the key findings on the implementation of various security technologies.
The data has been collected through the survey conducted online through the "5th Top 100 CISO Awards, 2015" nomination form. With data collected over 5 years, we have planned a series of interesting reports which shall provide deeper insights on the state of security in the Industry. This report aims to help you align your security initiatives with the strategic goals of the business.
About the Report
- Report created through Annual Survey of 410 companies during the nominations of "5th Top 100 CISO Awards, 2015"
- Total sample size of 410 enterprises
- Small and Medium sized companies are excluded in the analysis
- Complete report coming soon...
State of Implementation of Key Security Technologies
Anti Malware can provide real time protection against the installation of malware software on a computer.This type of malware protection works the same way as that of antivirus protection in that the anti-malware software scans all incoming network data for malware and blocks any threats it comes across.
Anti-malware software programs can also be used solely for detection and removal of malware software that has already been installed onto a computer. To prevent email spam or unsolicited bulk email, both end users and administrators of email systems use various anti-spam techniques. Some of these techniques may be embedded in products, services and software to ease the burden on users and administrators. No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives), and the associated costs in time and effort.
The market has 96% who have already implemented the anti malware-anti spam solution and 4% who want to implement it in 2015.
Application/ Database Security:
Application security encompasses measures taken throughout the code's life-cycle to prevent gaps in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application.Database security concerns
the use of a broad range of information security controls to protect databases (potentially including the data, the database applications or stored functions, the database systems, the database servers and the associated network links) against compromises of their confidentiality, integrity and availability. It involves various types or categories of controls, such as technical, procedural/administrative and physical. Database security is a specialist topic within the broader realms of computer security, information security and risk management.
37% have planned to implement application/database security in this year and 61% have already implemented it.
Unified Threat Management:
A single UTM (Unified Threat Management) appliance simplifies management of a company's security strategy, with just one device taking the place of multiple layers of hardware and software.
Also from one single centralized console, all the security solutions can be monitored and configured.
58% has already implemented UTM and 27% say they have plans to implement UTM in this present financial year. 15% do not have any plans as of now.
( Read more: Checklist to Evaluate A Cloud Based WAF Vendor )
Strong authentication is any form of authentication in which the verification is accomplished without the transmission of a password and is useful particularly where access to an account must be linked to an actual person, corporation or trust.
However, strong authentication is not necessarily multifactor authentication. Soliciting multiple answers to challenge questions may be considered strong authentication but, unless the process also retrieves 'something you have' or 'something you are', it would not be considered multi-factor authentication.
The penetration in the market is at 69% (who have already implemented strong authentication) and 26% who want to implement strong authentication this year.
Bio-metrics authentication is used in computer science as a form of identification and access control.
It is also used to identify individuals in groups that are under surveillance.Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals.Examples include, but are not limited to fingerprint, palm veins, face recognition, DNA, palm print, hand geometry, iris recognition, retina and odour/scent.
66% has already implemented Bio Metrics and 17% who have plans to implement Bio Metrics in this present financial year. 17% do not have any plans as of now.
DLP/ Data Security:
Data Loss Prevention (DLP) solution is a system that is designed to detect potential data breach / data ex-filtration transmissions and prevent them by monitoring,
detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). Data loss incidents turn into data leak incidents in cases where media containing sensitive information is lost and subsequently acquired by unauthorized party.
The market has a good amount of requirement of this solution with 40% who have plans of implementing DLP in this financial year.
DOS (Denial of Service Security):
In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users.A DoS attack generally
consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. As clarification, distributed denial-of-service attacks are sent by two or more people, or bots, and denial-of-service attacks are sent by one person or system.
The penetration in the market is at 53% (who have already implemented denial of service security) and 36% who want to implement denial of service security in 2015.
Digital Rights Management:
Digital rights management (DRM) technologies are typically associated with business to consumer systems designed to protect rich media such as music and video. Information rights management (IRM) is a
subset of digital rights management (DRM), technologies that protect sensitive information (mostly in the form of documents) from unauthorized access.
The market has a good amount of requirement of this solution with 43% who have plans of implementing in 2015 and 28% who have already implemented. Also 29% have no plans of implementation yet.
End Point Security:
Endpoint security system consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the devices or endpoints.
The server authenticates logins from the endpoints and also updates the device software when needed.Although endpoint security software would be different for various providers you could expect most of the offerings to provide antivirus, anti spyware, firewall and also a host intrusion prevention system (HIPS).
The market has 85.4% who have already implemented end point security solution and 14% who want to implement it in 2015.
( Read More: 16 Application Security Trends That You Can't Ignore In 2016 )
SIEM/ Incident Response:
Security information and event management (SIEM) is a term for software products and services combining security information management (SIM) and security event management (SEM).
SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM is sold as software, appliances or managed services, and are also used to log security data and generate reports for compliance purposes.
The market has a good amount of requirement of this solution with 34% who have plans of implementing SIEM in this year and 62% who have already implemented SIEM.
Identity & Access Management:
Identity and Access management (IAM) describes the management of individual principals, their authentication, authorization, and privileges within or across system and enterprise boundaries with the goal
of increasing security and productivity while decreasing cost, downtime and repetitive tasks. It enables the right individuals to access the right resources for valid reasons. The terms "Identity Management" and "Identity and Access Management" (or IAM) are used interchangeably in the area of Identity access management, while identity management itself falls under the umbrella of IT Security.
55% has already implemented IAM and 36% have plans to implement IAM in this year. 9% do not have any plans as of now.
Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of
intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it. IDS comes in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems.
The penetration in the market is at 80% (who have already implemented IDS/IPS) and 17% who want to implement IDS/IPS this year.
Mobile Device Security:
Users and businesses not only use smartphones for communication but also for planning and organizing their work and hence smartphones collect and compile an increasing amount of sensitive information to which access must be controlled to protect the privacy of the user and the IP of the company.Different security counter-measures are being developed and applied to smartphones, from security in different layers of software to the dissemination of information to end users.
53% have plans to implement mobile device security in 2015 with 40% who have already implemented.
Patch management is the process of using a strategy and plan of what patches should be applied to which systems at a specified time.A patch is a piece of software designed to update a computer program or
its supporting data, to fix or improve it.This includes fixing security vulnerabilities and other bugs, and improving the usability or performance.
The penetration in the market is at 86% (who have already implemented patch management) and 14% who want to implement patch management this year.
Wireless security is the prevention of unauthorized access or damage to computers using wireless networks. The most common types of wireless security are Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA).
The current standard is WPA2. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP.Wireless Intrusion Prevention Systems (WIPS) or Wireless Intrusion Detection Systems (WIDS) are commonly used to enforce wireless security policies.
The penetration in the market is at 70% ,who have already implemented and 23% who want to implement wiresell security this year.
Secure email/ web gateway/ content filtering:
Secure email gateways provide protection from email spam and malware. It also provides outbound email content inspection and encryption of emails.
The market has 92% who have already implemented the Secure email gateway solution and 7% who want to implement it in 2015.
Encryption for servers/storage/database:
Database encryption is the process of converting data, within a database, in plain text format into a meaningless cipher text by means of a suitable algorithm. The database encryption protects
the stored data.Database encryption is done to encrypt sensitive data like credit card numbers, medical records, etc. on the tables, columns, or rows of a database. Database encryption requirements are sometimes governed by regulation or business or data privacy laws specific to different countries.
The market has 58% who have already implemented server/storage/database encryption and 30% who want to implement it in 2015.
IT GRC Management Tools:
IT GRC is the umbrella term covering anorganization's approach across these three areas: Governance, risk management, and compliance.
Governance is the combination of processes established and executed by the board of directors that reflects the organization's structure, how it is managed, led and driven towards the achievement of its goals. Aligned with the risk management, which involves the prediction and management of risks that could hinder the organization to achieve its objectives, and the compliance with the company's policies and procedures, laws and regulations, a strong and efficient Governance is considered key to organization's success. This space has evolved into offerings for both the enterprise GRC (eGRC) and IT GRC.
52% have said that they want to implement ITGRC in the next 12 months and only 22% have already implemented. Also 26% said they still don't have any plans of implementation.
Security Awareness & Training:
Training members of an organization regarding the protection of various information assets of that organization can hugely help improve organizational compliance, security knowledge and change poor security behaviors.
78% have said that they have already implemented/used security awareness and training and 21% who want to implement security awareness and training in the next 12 months.
Credits: Some of the above description text has been taken from Wikipedia.