Despite grim predictions
for IT spending overall, spending on security will continue to grow through 2009
across most industry sectors, according to the Institute for Applied Network Security
(IANS).
However, security needs and expenditures will differ between geographic regions in the
United States.
These findings resulted from two information security forums held by IANS in Boston
and Texas recently, for high-level security professionals and security solution
providers.
Many differences in security needs and expenditures “result from organization
maturation and market sector demands,” IANS co-founder Jack Phillips said. “For example a
rail company in the Southwest — often conservative in nature and typically not an early
adopter — has very different security concerns than leading financial institutions,
academia, or medical research organizations in the Northeast.”
IANS information security forums are about tactics and theory, and real life
experience, and are designed to let attendees learn more about the security issues facing
their peers.
Generally, IANS found that compliance remains a hot button for
many organizations across the country. Another is virtualization and its related security concerns.
Overall, data protection remains the top priority, and most organizations deploy
encryption, which is the easiest approach to data protection. Data loss prevention (DLP)
is one area where geographical differences emerge. “In the middle of the country, most
organizations are just now considering DLP technology, but, on the East Coast, most
organizations are now asking if they still need it after making an initial purchase,”
Phillips said.
Intrusion detection and protection systems have been widely adopted, and vendors have
added so much functionality that IT security executives, particularly in the Northeast,
“wonder if they can get away without spending money on DLP,” Phillips said.
Security information and event management (SIEM) (define)
and log management clearly show different rates of adoption by geographic region. Many IT
managers in the Southwest “admit lack of knowledge about the category and are overwhelmed
by and unsure how to use the volume of information these tools generate,” IANS said.
On the other hand, IANS forums held in Boston and New York “are essentially SIEM user
groups since adoption rates there are so high,” Phillips said.
Vulnerability management is hottest on the East coast. “Financial services, biotech,
medical and insurance companies, and universities up and down the East Coast tend to lead
adoption of automating vulnerability scanning and pursuing the new breed of unified
threat managers (UTM) on the market today,” Phillips said.
Article courtesy of InternetNews.com
