Subscribe
About
  • Home
  • /
  • Security
  • /
  • New study shows European businesses overwhelmed by security data

New study shows European businesses overwhelmed by security data

By Micromuse
Johannesburg, 04 May 2006

A new study finds that European businesses are unable to deal with the vast amount of data generated from security devices such as firewalls and anti-virus software.

The study, sponsored by Micromuse -- which was recently acquired by IBM - reports that almost a third (30%) of IT directors questioned admitted that the amount of security data generated is far too great for them to examine to identify potential security threats.

The findings suggest that many organisations rely on the expertise of a single person, who may not have the time to evaluate all the data and stay informed of which security breaches should be tackled first. Sixty-nine percent of organisations rely on a single IT manager to manually sift through records, or "logs", of security incidents to spot suspicious behaviour or potential security threats. This figure rises to 79% in the public sector, a disturbing revelation as the public sector moves towards e-government initiatives and begins to put more and more key services online.

The sheer volume of data received by organisations was a common theme throughout the research, with almost half of respondents receiving more than 4 000 security incidents, or "events", per second, and 15% receiving more than 6 000 events per second.

A security event is registered whether the action on the device is critical or not, creating masses of security data for examination by the IT department - clearly in excess of the capabilities of the department. Public sector and finance organisations receive more than double the amount of events than other sectors - 38% and 39%, respectively, admitted to receiving more than 6 000 events per second. This may be due to the confidential nature of the data that their networks contain and could indicate they are the biggest target for cyber criminals, especially if they aren`t managing their security effectively.

The research also reveals that the amount of time spent by organisations to gather, collate and analyse security log data is consuming a significant proportion of IT resources. In fact, one in 10 of those questioned said their IT department spent more than three days each week analysing security log data. Across the vertical sectors, the retail and public sectors are experiencing the most difficulties in identifying and prioritising security threats, with 44% and 41% respectively unable to cope with the vast amount of log data received each second.

Furthermore, 72% of businesses rely on the IT manager`s expertise and experience to prioritise which security events matter most. Unless the IT department is kept up-to-date on its business priorities, then a threat linked to one enterprise application may be resolved first - despite another application being more critical to the security of the business.

"With the volume of security threats received by businesses increasing each day, placing the responsibility in just one person`s hands leaves businesses themselves open to breaches -- especially when the person goes on holiday or leaves the organisation," said Richard Lowe, Senior Vice-President for Business Operations, IBM/Micromuse. "As businesses begin to place more importance on remote and mobile working, online transactions, intranets and extranets, a more proactive and self-managing approach to security information management is required. It ensures serious security breaches can be identified, highlighted to staff, prioritised and resolved quickly before they impact services, customers and revenue."

The survey, entitled `Defining and Prioritising Security Threats`, highlights the security approach of IT departments across Europe. The research was conducted by independent researcher, Vanson Bourne, and questioned 700 IT managers in the UK, France, Germany, Italy, Spain, Sweden and the Netherlands.

In February 2006, Micromuse was acquired by IBM as part of its Tivoli division. Micromuse is a leading provider of network management software used by banks, telecommunications carriers, governments, retailers and other organisations to monitor and manage their sophisticated technology infrastructures. The software helps customers manage increasingly complex IT systems that support the proliferation of voice and video traffic, in addition to data, due to the growing adoption of voice over IP (VOIP), audio and video services delivered over the Internet. The combination of Micromuse`s software and IBM`s IT service management technology provide customers with a comprehensive approach for reducing the complexity of their IT environments, lowering operational costs, and addressing compliance mandates.

Netcool/NeuSecure is a security information management (SIM) platform designed to improve the effectiveness, efficiency and visibility of security operations and information risk management. Netcool/NeuSecure centralises and stores security data from throughout the IT enterprise, automating incident recognition and response, streamlining incident handling, enabling policy monitoring enforcement and providing comprehensive reporting for regulatory compliance.

Share

Micromuse

Micromuse Limited, an IBM company, is the leading provider of ultra-scalable, real-time business and service assurance software solutions. The Netcool software suite provides organisations with the assurance that their IT systems are supporting and driving profits 24 hours a day. Unlike traditional infrastructure management systems, Netcool solutions provide real-time end-to-end visibility and accurate troubleshooting from a business perspective. Such business intelligence allows organisations to respond to problems quickly, streamline workflow processes and improve business uptime. Micromuse customers include Telkom SA, Vodacom, BT, Cable & Wireless, Deutsche Telekom, EarthLink, ITC^DeltaCom, JPMorgan Chase, MCI, T-Mobile and Verizon. Headquarters are located at 90 Putney Bridge Road, London, SW18 1DA, +44 (0) 208 875 9500. The Web site is at www.micromuse.com.

Editorial contacts