IT Security is going to be top-of-mind for many CIOs during 2016 -- most will seek the help of leading vendors. More than 32 percent of the enterprises surveyed name Splunk as their primary Security Information and Event Management (SIEM) platform provider, according to the latest market study by 451 Research.
Responding enterprises rated Splunk highest especially for querying capability and the ease of integrating new data feeds. Intel Security is the second highest rated vendor based on evaluations from its 380 existing customers.
Spending on IT security remains strong, with 44 percent of enterprise security managers expecting to increase their budget in the next 90 days. Only 4 percent of enterprises are decreasing security spending.
While security budgets are stable or increasing for almost all organizations, security managers reported significant obstacles in fully realizing the benefits of SIEM solutions because of lack of staff expertise (44.4 percent) and inadequate staffing (27.8 percent).
Skilled and Experienced IT Security Talent Shortfall
As one security manager in a utilities company noted, "There is a shortage of qualified security people in the United States. I think that shortage is at very drought proportions here in [my city], and it's very difficult to find qualified people." Given this significant skills challenge, only 56.9 percent of enterprises are able to devote more than one professional to their SIEM implementation and monitoring.
Moreover, 41 percent of respondents noted "hackers with malicious intent" as their top security concern over the past 90 days, followed by navigating compliance requirements (37 percent). As a consequence, 23 percent of security managers noted that compliance requirements were a key driver in getting projects approved, second only to risk assessment cited by 25 percent of respondents.
"SIEM solutions hold a lot of promise as the centralized solution for unlocking all the secrets held in the logs of enterprise systems and marrying them with the use of threat intelligence," said Daniel Kennedy, research director at 451 Research.
They believe that SIEM solutions still retain a reputation for being difficult to set up, difficult to add new feeds, and difficult to tune. That being said, their value to the IT security manager is understood, and while many SIEM implementations may have started out as a compliance check mark, they have transcended those roots.
Sixteen different vendor attributes were examined in the fourth quarter 2015 study which plots enterprise adoption and compares and indexes vendors' promise prior to deployment as well as fulfillment after deployment.
Dynamic and Static Application Security Tools (DAST/SAST)
A second Vendor Window on both Dynamic and Static Application Security Tools (DAST/SAST) published in the study indicates open source solutions, Tenable Network Security (a vulnerability assessment tool provider that offers dynamic web application scanning), and IBM are the most widely deployed.
Overall, IBM was seen as the most important vendor in the space by their customers, but according to the 451 Research assessment, it was Veracode and WhiteHat Security products that ranked highest with their customers.
These latest findings are based on responses from over 900 enterprise IT professionals, primarily in North America and EMEA, including 582 unique vendor evaluations in the third and fourth quarters of 2015.