How effective is your security monitoring?

Can you police the policing?


Workshop Poll: For many organisations, the litmus test for IT security effectiveness is whether or not security breaches are reduced as a result. Security monitoring should help, but modern environments are complex and multi-faceted, and it can be difficult to determine how much is down to the tools, and how much is down to other factors such as policy.

In this quick poll, we want to get to the bottom of the effectiveness question, both in terms of monitoring itself, and whether resulting environments are any more or less secure. It's mostly tick-and-bash, so grab a virtual pen; it should take no more than five minutes of your time. We'll feed your responses into the mill and have the results back to you in no time!

READER POLL: HOW EFFECTIVE IS YOUR SECURITY MONITORING?

1. To what level do you monitor and/or detect security breaches in relation to any of the following?

Options: Via ad hoc manual checks | Via regular manual checks | Via automated analysis (post event) | Via automated alerting (real time) | No real monitoring at all
Desktop systems
Email systems
Mobile equipment
Corporate website
Core business apps
Other (please specify)

2. To what level do you monitor unsuccessful attacks on such systems?

Options: Via ad hoc manual checks | Via regular manual checks | Via automated analysis (post event) | Via automated alerting (real time) | No real monitoring at all
Desktop systems
Email systems
Mobile equipment
Corporate website
Core business apps
Other (please specify)

3. Where do you predominantly run the following systems/apps?

Options: Predominantly run in-house | Predominantly hosted by a third party | Roughly 50:50 split between the two | N/A
Desktop systems
Email systems
Corporate website
Core business apps

4. Do you specifically monitor and keep track of any of the following user related exposures as opposed to simply dealing with issues as they arise and then forgetting about them? (Please tick all that apply)

Losing laptops/mobile equipment provided by IT dept
Losing personal laptops/mobile equipment
Losing removable storage devices e.g. USB sticks, data cards etc provided by IT dept
Losing personal storage devices e.g. USB sticks, data cards etc
Sending confidential info out of the organisation via email
Taking confidential info out of the organisation via removable storage devices/CDs etc
Accessing dodgy websites
Connecting to unknown or insecure WiFi hotspots
Other (please specify)

5. How happy are you that your monitoring capability provides adequate protection for the organisation in the following areas?

Scale: 5 (Very happy) | 4 | 3 | 2 | 1 (Not at all happy)
Desktop
Email
Mobile equipment
Corporate website
Core business apps
User related exposures
Other (please specify)

6. Do you have policies in place to deal with user related security issues in the following areas? (Please tick all that apply)

Safe use of mobile devices
Safe use of the Web
Safe use of email
Handling and storage of electronic data
Privacy assurance and identity protection

7. Which of the following do you have in place to investigate security issues when they occur? (Please tick all that apply)

Formally defined policies & procedures within IT
Formally defined policies & procedures within the business
Comprehensive logs of system related activity
Forensic tools for investigating systems related activity
Disciplinary procedures for irresponsible employee behaviour
Other (please specify)

8. How much is compliance a driver for implementing monitoring capabilities?

Scale: 5 (Major driver) | 4 | 3 | 2 | 1 (Not a driver at all)

9. To what degree have the following been an issue over the past 6 months?

Scale: 5 (Major issue) | 4 | 3 | 2 | 1 (Not an issue at all)
Application downtime
Low level security issues e.g. spam
High level of desktop support requests
External security breaches
Internal security breaches (including data leakage)
Accidental data loss
Accidental data leakage
Other (please specify)

10. In terms of investment what priority is given to IT security monitoring and management spend in your organisation?

One of the highest priorities
Important, but second to many other investments
Minor importance, fairly low down the list of priorities
Unsure
N/A – Invested heavily in the past

11. Which of the following criteria do you take into account when making procurement decisions about security tools? (Please tick all that apply)

Vendor stability
Third party certification
High marks in comparison reports
Industry analyst endorsement
Functional assessment
Third party opinion
Media/online reviews
Other (Please specify)

12. Finally, do you have any advice that you can give with respect to monitoring security solutions?

 

BEFORE YOU GO

13. Approximately how large is your organisation (worldwide) in terms of employees?

Less than 10 employees
10 to 50 employees
50 to 250 employees
250 to 1,000 employees
1,000 to 5,000 employees
5,000 to 10,000 employees
Over 10,000 employees

14. Which of the following best describes your organisation?

Energy & Utilities
Financial Services
Healthcare
Hi-Tech
Manufacturing
Oil & Gas
Pharmaceuticals
Central/Local Government
Retail & wholesale
Professional services
Telecommunications
Travel & Transportation
Other (please specify)
