TechTaffy

tech:

taffy

Database Security, SIEM Top Concerns: McAfee

By TechTaffy Desk

[Techtaffy Newsdesk]

McAfee announced findings from its annual study on how IT decision-makers view and address the challenges of risk and compliance management. The report Risk and Compliance Outlook: 2012, found that Database Security and Security Information and Event Management (SIEM) were among the top priorities due to increased advanced persistent threats.

Database security has been an ongoing concern for organizations due to highly publicized data breaches and the growing regulatory compliance demands. The largest portion of an enterprise’s most sensitive and valuable information resides in databases. When asked about sensitive database breaches, over one quarter had either had a breach or did not have the visibility to detect a breach. In addition, respondents listed databases as the top challenge in meeting regulatory mandates.

The other top concern was SIEM, finding that most organizations rely on legacy systems that do not meet their current needs. Ever changing threats, data breaches, and IT complexity add to the burden of being able to monitor security events, detect attacks, and assess real and potential risk. Approximately 40% of organizations are planning to implement or update a SIEM solution. While 80% of respondents cited visibility as very important, security teams remained challenged in this area. Discovering threats was listed as the top challenge to managing enterprise risk.

Key Findings:

  • Similar to the 2011 survey, there is a positive trend in security budgets for 2012 with 96% of the organizations indicating same or more expenditure on risk and compliance.
  • Organization state ‘Compliance’ as the driver for almost 30% of IT projects.
  • Software and Appliance are the top choices for Risk and Compliance products. On average, one-third of all organizations prioritized the upgrade/implementation of unique risk and compliance products to address vulnerability assessment, patch management, remediation, governance, risk management, and compliance.
  • Survey data showed rapid uptake towards Hosted SaaS and Virtualization. Nearly 40% organizations claim to be moving towards these deployment models in 2012.
  • Patch Management frequency is a challenge – almost half of the organizations patch on a monthly basis with one-third doing it on a weekly basis. Just like last year’s analysis, not all companies are able to pinpoint threats or vulnerabilities, as a result, 43% indicate that they over-protect and patch everything they can.

 

Just in

Around the web

How Elon Musk’s X became the global right’s supercharged front page — The Guardian

Every week, the platform seems to supercharge a news issue that comes to dominate conservative discourse – and often mainstream discourse, as well – with real political repercussions; writes J Oliver Conroy.
Around the web

Court strikes down US net neutrality rules — BBC

A US court has rejected the Biden administration's bid to restore "net neutrality" rules, finding that the federal government does not have the authority to regulate internet providers like utilities; writes Natalie Sherman. 
Around the web

Meta scrambles to delete its own AI accounts after backlash intensifies — CNN

Meta promptly deleted several of its own AI-generated accounts after human users began engaging with them and posting about the bots’ sloppy imagery and tendency to go off the rails and even lie in chats with humans; writes Allison Morrow. 
Around the web

Apple agrees to $95 million settlement in Siri eavesdropping lawsuit — Gizmodo

Apple has agreed to pay $95 million to settle a long-running class action lawsuit that accused the company of illegally intercepting customers’ conversations through its Siri virtual assistant, writes Todd Feathers. 
Around the web

The US Treasury Department was hacked — The Verge

The threat actor stole a key used by BeyondTrust “to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users, writes Emma Roth.