Intrusion Protection Spending Stays Steady, Monitoring Lags

A look at the intrusion detection and prevention (IDS/IPS) sector shows that security spending is remaining strong, with 37% of enterprise security managers expecting to increase their budget in the next 90 days.

According to 451 Research’s new Voice of the Enterprise: Information Security quarterly study, only 4% of enterprises are decreasing security spending.

That said, although security budgets are stable or increasing for almost all organizations, security managers reported significant obstacles in implementing desired security projects due to lack of staff expertise (34.5%) and inadequate staffing (26.4%).

As one security manager in the retail industry noted, “We continue to struggle with staffing . . . We have been given the open requisitions to hire people, but now we're trying to find the people.”

Given this challenge, only 24% of enterprises have 24x7 monitoring in place using internal resources; and less than half (44.4%) of enterprises have around-the-clock active monitoring in place at all.

"As the understanding of the prevalence of advanced attackers increases, security managers have continued a move from reliance on preventative controls to an increased focus on security monitoring and incident response," said Daniel Kennedy, research director for information security at 451 Research. "Intrusion detection and/or prevention systems are one of the most established and ubiquitous security monitoring tools in place at large enterprises, and perhaps one of the most underutilized.”

More than half of respondents (52%) noted “hackers with malicious intent” as their top security concern over the past 90 days, followed by navigating compliance requirements (38%). As a consequence, 26% of security managers noted that compliance requirements were a key driver in getting projects approved, second only to risk assessment cited by 26.5% of respondents.

In terms of vendors and market share, more than a quarter of the enterprises in the survey names Cisco as their primary platform provider for IDS/IPS.

In the 451 Research Vendor Window study, enterprises rated Palo Alto Networks highest especially for technical innovation, brand/reputation and intrusion detection capabilities. Meanwhile, Cisco FirePower/SourcePower and Dell Secure Works tied for the second highest rated vendors based on evaluations from 353 existing customers.  

What’s Hot on Infosecurity Magazine?