We are happy to announce the results of the annual survey of Security Buying Status in which 230 Companies have participated in the enterprise segment. We define enterprise as organisations that have 5000+ employees. This is a preview of the key findings on the buying of various security technologies.

About The Report

  • The Data was collected from various online and offline sources like CISO Platform Security Benchmarking, Programs, Buying Advisory by CISO Platform Analysts, Surveys (online & offline during events)
  • Total sample size 230 enterprises
  • We define enterprise as 5000+ employees
  • Complete report coming soon

(Key Insights) IT Security Buying Trends:

  • Threat Intelligence and Forensics (Network, Endpoint) are the most sought out solutions with 47 % of the enterprises said they are planning to Implement Forensics and Threat Intelligence this year
  • Even though the demand for APT (Advanced Persistent Threat) Security solutions is high, market understanding of various use cases and technologies is not, as APT Security is a broad spectrum of solution and not a point product. 44% of the organization said that they are planning to implement APT Security this year

  • India is at 75-80% par to US in terms of Prevention and Detection capabilities, whereas 10% par in terms of Response and Prediction. And when we compare in terms of adopting emerging technologies, India is less than 10% at par

  • Almost 2 out of 5 Enterprise in India are still not ready to implement Forensics this year
  • Telecom is the most mature market in terms of implementation of these emerging cyber-security technologies whereas Manufacturing is the least matured market

Recommendations:

  • Many organizations are still struggling with this issue of mobile devices and the bring-your-own device concept and hence that drives the demand of Mobile Device Management in India.
  • APT Security is not a single technology/solution but a complex program (people, process and technology ). Sandboxing or any single technology can only provide partial protection against “real” advanced attacks. We suggest organisations to look at the complete stack of technologies and build a holistic program to secure against advanced attacks.

Survey Objectives

The primary objectives of this survey is to find:-

  • The latest trends in Information Security Buying
  • Maturity Level of various Industry domains like BFSI, Telecom, IT/IES etc.
  • Emerging Technologies to look out for in 2016

Data Insights

8669807889?profile=original


Figure 1: Domain of Survey Participants

In Figure 1, we can see that majority of respondents are from BFSI domain with 35% of respondents whereas IT/ITES makes up to 24% in the survey. Public organization accounts to 7% of the respondents.

8669808494?profile=original

Figure 2: Emerging Technologies of 2016

In Figure 2, we can see that 47.2% of the enterprise planning to implement Forensics this year and emerged out as most emerging technology. Similarly, 47% planning Threat Intelligence this year.

State of Implementation of Key Security Technologies

1. Forensics (Network, Endpoint):

Forensics is the science of application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in such a way that it serves as digital evidence in court of law

  • 15.5% Already have Forensics in place
  • 47.2% of the enterprise says they are Planning to Implement this year and
  • 37.3% organization still believes they are not ready to implement Forensics this year.

8669808673?profile=original

Figure 3: Implementation Status of Forensics in 2016

The breakup of Implementation Status of Forensics across domains in India in 2016 is mentioned in a Table1: Telecom and Retail emerged out as the matured industry in terms of implementing Forensics whereas surprisingly BFSI emerged out as least matured in implementing Forensics.

8669809458?profile=original

2. Threat Intelligence:

Threat Intelligence is the act of proactively gathering threat information and identifying, collecting and enriching the relevant information and subsequent analysis of the gathered information. Thus businesses continue to run with comprehensive intelligence and they are enabled to proactively stop threats and monitor their network to quickly respond to and resolve attacks.

  • 32% Already have Threat Intelligence in place
  • 47% of the enterprise says they are Planning to Implement this year
  • 21% organization still believes they are not ready to implement Threat Intelligence this year.

8669809683?profile=original

Figure 4: Implementation Status of Threat Intelligence in 2016

 The breakup of Implementation Status of Threat Intelligence across domains in India in 2016 is mentioned in a Table 2: Telecom and Major IT/ITES emerged out as the matured industry in terms of implementing Threat Intelligence whereas Media/Entertainment is least matured industry in terms of having Threat Intelligence in place.

8669810059?profile=original

3. APT (Advanced Persistent Threat) Security:

For Comprehensive APT Security, multiple products are required and it can be split into various channels like End-Point, Network, Email and Solution with some of Tech Stack capabilities like NGFW etc.

  • 37% Already have APT Security in place
  • 44% of the enterprise says they are Planning to Implement this year
  • 19% organization still believes they are not ready to implement APT Security this year.

8669808700?profile=original

Figure 5: Implementation Status of APT Security in 2016

The breakup of Implementation Status of APT Security across domains in India in 2016 is mentioned in a Table 3: Telecom and BFSI emerged out as the matured industry in terms of implementing APT Security whereas Manufacturing is least matured industry in terms of having APT Security in place.

8669809857?profile=original

4. Mobile Device Management (MDM):  


It brings together people, processes and technology focused to manage mobile devices, wireless networks, and other mobile computing services in a business context.

  • 48.8% Already have Mobile Security in place
  • 42.3% of the enterprise says they are Planning to Implement this year
  • 8.9% organization still believes they are not ready to implement Mobile Security this year.

8669809870?profile=original

Figure 6: Implementation Status of MDM in 2016

The breakup of Implementation Status of MDM Security across domains in India in 2016 is mentioned in a Table 4: Public Sector and BFSI emerged out as the matured industry in terms of implementing MDM Security whereas Media/Entertainment is least matured industry in terms of having MDM Security in place.

8669810476?profile=original

5.  SIEM (Security Information and Event Management) /SOC (Security Operations Center): 

It’s a cyber security product or service that combines the effect of (a) Security Information Management (SIM) and (b) Security Event Management (SEM) and thus combined performs two functions-
(a) centrally storing logs allowing real time analysis and
(b) carrying out trend analysis by collecting data into a central repository and thus providing automated reporting for compliance and centralized reporting.

  • 50% Already have SIEM/SOC in place
  • 41.7% of the enterprise says they are planning to implement this year
  • 8.3% organization still believes they are not ready to implement SIEM/SOC this year.

8669810671?profile=original

Figure 7: Implementation Status of SIEM/SOC in 2016

The breakup of Implementation Status of SIEM/SOC Security across domains in India in 2016 is mentioned in a Table 5: BFSI and Minor IT/ITES emerged out as the matured industry in terms of implementing SIEM/SOC whereas Media/Entertainment Sector is least matured industry in terms of having SIEM/SOC Security in place.

8669810684?profile=original

This report is not comprehensive as this covers only the Top 5 Emerging Buying Trends. For comprehensive report, please contact us at analyst@cisoplatform.com

Pre-Registrations For Annual Summit Is Now open! Click Here To Know More

8669810697?profile=original

Pre-Launch Preview:State of Security Technology Buying in Enterprises (Annual Report 2016)" /">http://goo.gl/hLv4PW" />
E-mail me when people leave their comments –

CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform