
SecurityDreamer Trends Report


Overview

Each year since 2005, SecurityDreamer blogger and industry analyst Steve Hunt has conducted surveys of end-user security executives, tracking trends related to the business of security. We cover physical security and IT security equally at SecurityDreamer, carving our unique niche in the industry. Here is a taste of our findings. Sorry, the complete findings are not available except to Steve Hunt’s consulting clients and participants in the research.

Methodology

I find that narratives yield more insight and are more accurate than statistics. Therefore, the SecurityDreamer approach is to conduct dozens of personal interviews, by phone, email or in person. Each interview covers a subset of topics. Data gathered is generally qualitative and anecdotal, rather than quantitative.

Topics Included

  • Awareness
  • Budgeting/Spending
  • Business Continuity
  • Consultants, Use of
  • Event Management
  • Executive Buy-in
  • Identity & Access Management
  • Identity Theft
  • Interdepartmental Collaboration
  • Operational Best Practices
  • Penetration Testing
  • Physical Information Protection
  • Social Engineering
  • Staffing/Headcount
  • Strategy & Planning
  • Technology Lifecycle Management
  • Technology Selection

Approximately 50 companies participated in the survey, representing 11 industries.

| Industry         | %  |
|------------------|----|
| Energy           | 19 |
| Finance          | 16 |
| Business Svcs    | 14 |
| Online Merchants | 13 |
| Banking          | 8  |
| Healthcare       | 8  |
| Retail           | 6  |
| High-Tech        | 6  |
| HighTech         | 4  |
| Entertainment    | 3  |
| Food&Hospitality | 3  |

 


Summary Findings from the SecurityDreamer Research

Increased Spending

While operational security budgets saw little growth across all industries, spending for new projects increased steadily in Energy, Finance, High-Tech and Entertainment. New IT security and physical security projects most notably included:

  • Security operations centers
  • Virtual command centers
  • Security information management systems (SIEM, PSIM)
  • Networked cameras and sensors at high-risk facilities

Greatest Challenge

CSOs and CISOs complained that their greatest business challenge is metrics. Normal operational metrics, such as improved response time to security incidents or numbers of malicious code detections, are not compelling to business leaders. Security executives seek better ways to calculate ROI, justify purchases, and measure the success of deployments.

Most Surprising Finding of 2012

Collecting Company Wisdom. Far more companies in more industries are documenting processes than we’ve seen in previous surveys. Continual improvement (à la Baldrige, Kaizen, Six Sigma, etc.) appears to be the primary motivation. Security executives realize that much of the know-how of security operations resides in the heads of their local security managers. In the hope of benefiting from sharing this business intelligence, companies are using a variety of techniques (surveys, performance reviews, online forms) to gather it.

Least Aware of This Threat

Physical threats to information rose to the top of the list of issues about which CISOs and CSOs know the least. Every security executive we interviewed had an understanding of physical threats to information (unauthorized visitors, dumpster diving, etc.), but almost none had studied or measured the risks associated with those threats, nor did they have thorough procedures in place to protect against them.

Least Prepared for This Threat

Two related concepts represent the threat that nearly all security executives feel least prepared to address: social engineering and physical penetration. Every security executive confessed that confidential company information was at risk of social engineering attacks (phony phone conversations, pretexting, impersonation, spear-phishing, etc.). Physical penetrations were even more frightening to some executives, who were certain that their confidential company information could be collected and conveyed out of the building (in the form of printed documents, photos, memory sticks, etc.) by:

  • an unauthorized visitor tailgating into the building
  • an attacker bypassing security controls at doors and fences
  • rogue employees or contractors
  • an internal attacker of any type

  1. idmachines
    February 15, 2013 at 8:13 am

    +1 Steve, thanks for the great blog, many benefits to you and your clients. Nothing like asking questions and listening to people and to then have a document from their answers. The focus on context right procedure through company knowledge is a very good point to share.

  2. Charles
    February 17, 2013 at 3:43 pm

    Steve, you Rock!

    Charles Andrews, CPP
    ASIS International Regional Vice President (State of TEXAS)

