IT Security: Detection and Response ever more crucial

IT Security: Detection and Response ever more crucial

Market research and expert consultants Gartner have observed that users are shifting an ever growing portion of their IT security budgets to “Detection and Response” activities. Demand for pure prevention, the experts go on to say, is now shrinking.

Gartner is expecting companies to spend about $90 billion dollars on IT security across the globe this year, representing a rise of nearly 8 percent over 2016. By 2020, spending is projected to rise further to 113 billion dollars. Improving capabilities in detection and response is set to become a key priority for security buyers over that period, according to the experts.

“The shift to detection and response approaches spans people, process and technology elements and will drive a majority of security market growth over the next five years,” explains Gartner analyst Sid Deshpande. This doesn’t mean, of course, that prevention has suddenly lost its importance, nor that Chief Information Security Officers (CISOs) will now stop trying to prevent security incidents. It is rather the recognition that prevention may be futile, unless it is backed up with detection and response capabilities.

A shortage of expertise and skills within enterprises is also boosting spending on security services. After decades focusing on purely preventive measures, many firms lack organizational knowledge on detection and response strategies in their security teams, Gartner’s experts add. These highly specialized skills are scarce and consequently expensive, leading many companies to seek external support from security consultants, managed security service providers (MSSPs) and outsourced services.

“Simple virus protection solutions have long been insufficient,” explains Bernhard Hecker.

In “Patient Zero Detection® Retarus has developed a new solution, which falls totally within the trend posited here by Gartner. Utilizing digital fingerprints, the service is even able to identify threats contained in emails which have already been delivered. “Once malware has entered the network, it becomes crucial to limit the damage it can cause,” comments Bernhard Hecker, Director Product Management at Retarus. “Only by quickly identifying the recipients of infected messages, can companies prevent greater harm from being inflicted.”

Tags: // // //