Only a decade ago, there really was no such thing as security management systems. Some very large organizations built their own tools or took advantage of freeware Syslog collectors, but these were the exceptions to the rule. The majority of companies’ security safeguards were made up of firewalls, IDSs, and desktop antivirus software.
Times have certainly changed. Today, most large organizations have security management technologies deployed for security event collection and correlation, threat management, and compliance controls monitoring. The broader marketplace is likewise now being driven by compliance and by a global, institutional threat. Does this mean that security management is an established and stable market? Yes and no. This blog concludes:
Security management is constantly challenged by new threats, regulations, and requirements. IT risk is a dynamic mix of new threats, vulnerabilities, and attack vectors, and security management must adapt to these changes regularly. In addition, companies of all sizes are asked to comply with new and more stringent regulations that demand immediate security management support. Finally, enterprises are using security management analytics and log data in new and creative ways all the time. Security management tools must provide the right use model and analytics capability to meet these demands for security and business professionals.
Security management is proceeding through an evolutionary cycle. ESG believes that security management has already developed through two phases. The first was the perimeter phase when security management tools were called upon to collect log events from a small number of perimeter security devices and provide some correlation and analysis capabilities. The second phase meant more log data from more sources for security events, threat management, and compliance reporting. A new evolutionary phase, beginning in 2009, adds new security management requirements to support other types of business processes.
The operational phase demands a quantum leap in scale, analytics, and automation. The third, or business, phase of the evolution takes security management to a new place in the enterprise. Multiple forms of data from many sources must be aggregated, processed, and available for even more sophisticated business, IT, and security analytics. These requirements will change the product and vendor landscape. Only those with the right product scale, design, ease-of-use, and vision will remain