Welcome!

News Feed Item

European IT Professionals Reveal Top Reasons to Monitor Privileged Users, While Many Companies Do Not Protect Their IT Assets From Internal Cyber-Threats

BalaBit IT Security Survey Results Released at RSA Conference 2014

NEW YORK, NY and SAN FRANCISCO, CA -- (Marketwired) -- 02/25/14 -- BalaBit IT Security (www.balabit.com) today announced results of a recent survey of IT security professionals about use of privileged identity management (PIM) and privileged activity monitoring (PAM) technology.

Of those surveyed, respondents ranked the reasons for monitoring privileged users, from most to least important, as follows:

1. Detect/track suspicious user behavior and prevent incidents -- 60 percent considered this the most important factor

2. Control and audit IT service providers

3. Control and audit internal IT staff

4. Support IT/network staff in troubleshooting

5. Support internal business processes (i.e., reporting)

6. Meet/prove compliance with regulatory requirements

7. Control and audit virtual desktop infrastructure (VDI) users

8. Reduce costs for IT operations

9. Support forensics investigations

10. Reduce costs for security audits

"With compliance as the sixth most important reason for companies to deploy PIM, it is reassuring to see that most companies recognize it is more important to increase their operational efficiency by increasing the security level and managing people than only 'checking the box' and passing the audits," said Zoltán Györkő, CEO of BalaBit IT Security.
Altough 98 percent of respondents said that a PAM tool could increase the level of protection to their system security, a relatively high number of 16 percent stated that they have no solution deployed at all to protect against malicious insiders.

"It's disturbing that so many decision-makers are still ignoring the human factor and making their procurement priorities based on the physical and virtual infrastructure. The most commonly used product, firewalls, are completely ineffective against handcrafted attacks, especially APT or internal attacks. It is clear from today's headlines that these types of attacks are happening with much more frequency and are not only a common source of data breaches but the primary source of the most costly cyber attacks," said Györkő.

Additional survey findings include:

  • Those who have any kind of tools against internal attacks use at least two different products at the same time to provide the required protection. Although almost all companies have been using firewalls, only 63% of the interviewed said that they use firewall options such as access policies to prevent internal cyber-attacks
  • 37 percent use identity/password management
  • 30 percent use network access control (NAC)
  • Activitity monitoring is performed by 25 percent of the companies
  • Almost two-thirds would prefer to have a standalone, turnkey appliance for PAM purposes

About the Survey
BalaBit IT Security conducted this survey between September 2013 and January 2014 by interviewing more than 400 IT professionals including CIOs, CSOs, system administrators, system managers and other IT workers in Europe (mainly in France, Germany, UK and Hungary). 44 percent of respondents work for large, 34 percent for middle size, 22 percent for small size companies. They represented industries including IT and telecom (38 percent), government (26 percent), financial (16 percent), retail (7 percent), manufacturer (5 percent) and healthcare (3 percent) sectors.

Receive Free Expo Pass and Cap
BalaBit is participating in the RSA Conference 2014, Feb. 24-28 in San Francisco in Booth #709 as part of the OATH (Initiative for Open Authentication) Pavillion. Visit the RSA Conference 2014 expo with a free Expo Pass courtesy of BalaBit by using code EC4OATH during registration process. The company is also offering a free baseball cap at https://www.balabit.com/lp/free-expo-pass-for-rsa-conference-2014.

About BalaBit
BalaBit IT Security is an innovative information security company, a global leader in the development of privileged activity monitoring, trusted logging and proxy-based gateway technologies to help protect customers against internal and external threats and meet security and compliance regulations. As an active member of the open source community, we provide solutions to a uniquely wide range of both open source and proprietary platforms, even for the most complex and heterogeneous IT systems across physical, virtual and cloud environments.

BalaBit is also known as "the syslog-ng company," based on the company's flagship product, the open source log server application, which is used by more than 1 million companies worldwide and became the globally acknowledged de-facto industry standard.

For more information, visit www.balabit.com.

Dan Chmielewski
Madison Alexander PR
Office +1 714-832-8716
Mobile: +1 949-231-2965
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
"We are a well-established player in the application life cycle management market and we also have a very strong version control product," stated Flint Brenton, CEO of CollabNet,, in this SYS-CON.tv interview at 18th Cloud Expo at the Javits Center in New York City, NY.
Vulnerability management is vital for large companies that need to secure containers across thousands of hosts, but many struggle to understand how exposed they are when they discover a new high security vulnerability. In his session at 21st Cloud Expo, John Morello, CTO of Twistlock, addressed this pressing concern by introducing the concept of the “Vulnerability Risk Tree API,” which brings all the data together in a simple REST endpoint, allowing companies to easily grasp the severity of the ...
Historically, some banking activities such as trading have been relying heavily on analytics and cutting edge algorithmic tools. The coming of age of powerful data analytics solutions combined with the development of intelligent algorithms have created new opportunities for financial institutions. In his session at 20th Cloud Expo, Sebastien Meunier, Head of Digital for North America at Chappuis Halder & Co., discussed how these tools can be leveraged to develop a lasting competitive advantage ...
In his session at @ThingsExpo, Arvind Radhakrishnen discussed how IoT offers new business models in banking and financial services organizations with the capability to revolutionize products, payments, channels, business processes and asset management built on strong architectural foundation. The following topics were covered: How IoT stands to impact various business parameters including customer experience, cost and risk management within BFS organizations.
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
Here are the Top 20 Twitter Influencers of the month as determined by the Kcore algorithm, in a range of current topics of interest from #IoT to #DeepLearning. To run a real-time search of a given term in our website and see the current top influencers, click on the topic name. Among the top 20 IoT influencers, ThingsEXPO ranked #14 and CloudEXPO ranked #17.
While the focus and objectives of IoT initiatives are many and diverse, they all share a few common attributes, and one of those is the network. Commonly, that network includes the Internet, over which there isn't any real control for performance and availability. Or is there? The current state of the art for Big Data analytics, as applied to network telemetry, offers new opportunities for improving and assuring operational integrity. In his session at @ThingsExpo, Jim Frey, Vice President of S...
Given the popularity of the containers, further investment in the telco/cable industry is needed to transition existing VM-based solutions to containerized cloud native deployments. The networking architecture of the solution isolates the network traffic into different network planes (e.g., management, control, and media). This naturally makes support for multiple interfaces in container orchestration engines an indispensable requirement.
Containers are rapidly finding their way into enterprise data centers, but change is difficult. How do enterprises transform their architecture with technologies like containers without losing the reliable components of their current solutions? In his session at @DevOpsSummit at 21st Cloud Expo, Tony Campbell, Director, Educational Services at CoreOS, will explore the challenges organizations are facing today as they move to containers and go over how Kubernetes applications can deploy with lega...
In their session at @DevOpsSummit at 21st Cloud Expo, Michael Berman, VP Engineering at TidalScale, and Ivo Jimenez, Engineer at TidalScale, will describe how automating tests in TidalScale is easy thanks to WaveRunner. They will show how they use WaveRunner, Jenkins, and Docker to have agile delivery of TidalScale. Michael Berman is VP Engineering at TidalScale. TidalScale is developing a scale up compute and resource architecture for customers to perform big data exploration and real time anal...
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, provided a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services with...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
Learn how to solve the problem of keeping files in sync between multiple Docker containers. In his session at 16th Cloud Expo, Aaron Brongersma, Senior Infrastructure Engineer at Modulus, discussed using rsync, GlusterFS, EBS and Bit Torrent Sync. He broke down the tools that are needed to help create a seamless user experience. In the end, can we have an environment where we can easily move Docker containers, servers, and volumes without impacting our applications? He shared his results so yo...