1. Business Ideas
  2. Business Plans
  3. Startup Basics
  4. Startup Funding
  5. Franchising
  6. Success Stories
  7. Entrepreneurs
  1. Sales & Marketing
  2. Finances
  3. Your Team
  4. Technology
  5. Social Media
  6. Security
  1. Get the Job
  2. Get Ahead
  3. Office Life
  4. Work-Life Balance
  5. Home Office
  1. Leadership
  2. Women in Business
  3. Managing
  4. Strategy
  5. Personal Growth
  1. HR Solutions
  2. Financial Solutions
  3. Marketing Solutions
  4. Security Solutions
  5. Retail Solutions
  6. SMB Solutions
Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

90% Of Companies Using Security Data Ineffectively

security, data, IT
Just 10 percent of organizations feel confident in their ability to effectively analyze security data. / Credit: Security threat image via Shutterstock

Is your company's IT department logging and monitoring data from security devices? If so, you're in the majority: 77 percent of organizations do this, according to recent survey results from SANS Institute. But when it comes to analyzing that data, there's still a lot of room for improvement. According to the survey findings, just 10 percent of respondents felt confident in their organization's ability to use data to effectively detect security trends.

The SANS Institute, a research and education organization specializing in information security, conducted a follow-up to its 2013 Log Management Survey with 647 professionals from small, medium and enterprise-size organizations in a variety of industries. The results showed that security operations teams are falling behind on detecting threats because their data sets were simply too large to sift through.

"[Organizations] are trying to add intelligence and improve analytics of the security data they're collecting, but they're struggling in various ways," said Deb Radcliff, executive editor of the SANS Analyst Program. "The primary issue is, they're not able to make the associations to detect security events among their event and log data."

[REVIEW: The Best Business Security Systems]

About half of the survey respondents rely heavily on traditional log management and SIEM (security information and event management) solutions, while only 17 percent are using advanced threat intelligence and profiling databases. SANS senior analyst Dave Shackleford said that these basic products may not address the latest security challenges facing many organizations.

"More scalable and flexible analytics platforms are gaining interest and attention from the security community, and will likely continue to do so, given the threats and attacks we face today," Shackleford said.

Next week, SANS will host a two-part webcast on the survey results and explain how to better utilize security data. Visit SANS.org for more information.

Nicole Fallon

Nicole received her Bachelor's degree in Media, Culture and Communication from New York University. She began freelancing for Business News Daily in 2010 and joined the team as a staff writer three years later. She currently serves as the managing editor. Reach her by email, or follow her on Twitter.

See All