Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information...
-
Upload
cathleen-elliott -
Category
Documents
-
view
213 -
download
0
Transcript of Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information...
![Page 1: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/1.jpg)
Hosted by
Trends in Enterprise IT Security
Andrew Briney, CISSPEditorial Director, Information Security
October 15, 2003
![Page 2: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/2.jpg)
Hosted by
Agenda
Security Budgets and Spending
Technologies and Services: Hot & Not
What Do You Value Most?
The “Maturing” Profession
![Page 3: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/3.jpg)
Hosted by
Information Security Polling
2003 ISM Annual Survey
• 3,500 IT security professionals
2003 ISM Product Survey
• 1,100 IT security professionals
2003 SearchSecurity Users’ Survey
• 372 IT security professionals
TheInfoPro (TIP), Q3 2003 Survey
• Interviews with 160 senior IT security pros
![Page 4: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/4.jpg)
Hosted by
Global IT Security Market
$17B
$45B
25% CAGR
2001
2006 Source: IDC Corp.
![Page 5: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/5.jpg)
Hosted by
Budget Changes: Since 9/11
Source: SearchSecurity
51% of organizations have increased spending
![Page 6: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/6.jpg)
Hosted by
50%
25% 25%
1 2 3
Hosted by
Will your IT security budget increase in the next 12 months?
1.Yes2.No3.Don’t know
![Page 7: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/7.jpg)
Hosted by
Budget Changes: 2002-2003
Source: TheInfoPro
54% of organizations will increase spending
Stay the same35%
Less11%
More54%
![Page 8: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/8.jpg)
Hosted by
25% 25% 25%
0%
25%
0% 0%
1 2 3 4 5 6 7
Hosted by
By how much will your IT security budget increase in the next 12 months?
1. More than 50%2. 25% -50%3. 10% - 24%4. 1% - 9%5. No change6. Budget will decrease7. Don’t know
![Page 9: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/9.jpg)
Hosted by
IT vs. Security Budgets
% of IT Budgets Devoted to Security
Source: Information Security Magazine
![Page 10: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/10.jpg)
Hosted by
• 2005: 60% will have both.
• 2001: 7% of organizations had BOTH IDS and VA.
Hot and Not (1)
Source: Information Security Magazine
• By 2005, AV, FWs and VPNs will be deployed in 95% of organizations.
![Page 11: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/11.jpg)
Hosted by
125%
225%
350%
Hosted by
Do you plan to invest in managed security monitoring services in 2004?
1. Yes2. No3. Don’t Know/NA
![Page 12: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/12.jpg)
Hosted by
150%
225%
333%
Hosted by
Do you plan to invest in special-purpose security appliances in 2004?
1.Yes2.No3.Don’t Know/NA
![Page 13: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/13.jpg)
Hosted by
Hot and Not (2)
29%
27%
27%
16%
29%
38%
31%
21%
56%
43%
50%
46%
38%
18%
48%
58%
15%
30%
23%
38%
33%
44%
21%
21%
0% 20% 40% 60% 80% 100%
Authentication
Security EventManagement
Access Control andAuthorization
Assessment andAudit Services
Perimeter NetworkSecurity
Security Appliances
Content Filtering
Encryption
Less Money About the Same More Money
In 2003, will you spend more, less or the same amount on these technology areas?
Source: TheInfoPro
![Page 14: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/14.jpg)
Hosted by
25% 25% 25% 25%
0%
1 2 3 4 5
Hosted by
What do you value most when selecting a security product?
1. Features/functionality2. Fit with current network/data infrastructure3. It’s own built-in security4. Price5. Other
![Page 15: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/15.jpg)
Hosted by
Feature Creep
Source: Information Security Magazine
![Page 16: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/16.jpg)
Hosted by
0%
25% 25% 25% 25%
0%
1 2 3 4 5 6
Hosted by
What do you value most when selecting a security vendor?
1.Technical Support2.Produce leading product3.Financial stability4.Strength of R&D5.Breadth of product line6.Other
![Page 17: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/17.jpg)
Hosted by
Vendor Value
Source: Information Security Magazine
![Page 18: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/18.jpg)
Hosted by
25% 25% 25% 25%
0% 0%
1 2 3 4 5 6
Hosted by
To what extent do regulatory and legal requirements drive your security actions?
1. Never
2. Rarely
3. Sometimes
4. Mostly
5. Always
6. Don’t Know/NA
![Page 19: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/19.jpg)
Hosted by
Regulatory Impact
• To what extent do regulatory and legal requirements drive your security actions?
Source: Information Security Magazine
![Page 20: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/20.jpg)
Hosted by
Proactive Defense
• At what point do you act on an emerging security threat?
Source: Information Security Magazine
![Page 21: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/21.jpg)
Hosted by
Risk Analysis
• What type of risk methodology(ies) do you use?
Source: Information Security Magazine
![Page 22: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/22.jpg)
Hosted by
Andy’s Crystal Ball
2004 Security Spending: “Y2K Effect”
Functionality Converges at Perimeter
“Intrusion Defense” Gets Smarter
Profession Continues to Mature
![Page 23: Hosted by Trends in Enterprise IT Security Andrew Briney, CISSP Editorial Director, Information Security October 15, 2003.](https://reader035.fdocuments.net/reader035/viewer/2022070413/5697bfd61a28abf838cae0e6/html5/thumbnails/23.jpg)
Hosted by
Trends in Enterprise IT Security
Andrew Briney, CISSPEditorial Director, Information Security
October 15, 2003