Increased spending on intrusion detection inevitable, says META Group
Investment plans for security technology remain on target for Global 2000 organisations, according to META Group. An analysis of purchase intents - carried out by META analysts ahead of the analyst group's Security Conference, which takes place in San Diego next month - showed strong short-term interest in both network and host intrusion detection.
Long-term plans showed an even stronger interest in various forms of intrusion detection, which, according to META, is finally becoming widely accepted as a necessary part of well-secured environments. Other long-term plans also include centralised security information management consoles for many organisations.
"Organisations that have taken an intelligent approach to intrusion detection have had no problem establishing the value of the technologies," says Chris King, senior program director for META Group's Security & Risk Strategies team. "Those that have purchased a product without the benefit of an underlying policy and plan naturally feel like they have wasted their money, because they have. Technology alone does not improve security, and causing a false sense of security can actually harm the security effort."
META Group believes that organisations failing to successfully deploy some level of intrusion detection capability could experience increased liability by not meeting a court standard of due care. Security officers have shown only minimal confusion as a result of the vendor transition from intrusion detection to intrusion prevention. META Group projects that the minimal difference between these two closely related approaches will disappear within two years.
Not all areas of security are maturing as rapidly as intrusion detection. Despite widespread recognition that information security requires separation from IT in order to meet generally accepted system security principles (GASSP), the vast majority of Global 2000 organisations still have information security reporting to the CIO, CTO, or equivalent.
"As security has now started showing some signs of maturation, we are seeing a gradual growth in understanding that technology risk needs to be managed in parallel with IT rather than within IT. But it is difficult to find an executive other than the CIO that is willing to take over an area like information security before it fully matures. Of course, even many CIOs are still resistant," says Mark Bouchard, senior program director for META Group's Security & Risk Strategies.