Vulnerability and Risk Management Trend Survey Findings

nCircle, a provider of enterprise-class vulnerability and risk-management solutions, today announced the results of an industry trend survey. The survey shows that while reducing network security risk is the number one concern for businesses this year, half of all respondents had no way to measure and report on that risk.

nCircle polled 1,700 CIOs, CSOs and security directors for the Vulnerability and Risk Management Trend survey. The survey results indicate that many businesses still lack the information they need to determine the effectiveness of their security ecosystem:

• 60 percent of respondents were unable to determine whether their network security risk was decreasing or increasing over time
• 58 percent of respondents stated they are unable to generate reports about applications or vulnerabilities on their network by region business unit or business owner
• 52 percent of respondents stated they have no way to verify and manage compliance with their own internal security policies.

"We conducted this survey to better understand how businesses view and manage their network security risk," said Elizabeth Ireland, vice-president of marketing, nCircle. "These results highlight the need for a significant number of enterprises to implement solutions and processes that will enable them to more effectively measure, manage and ultimately reduce their risk."

In addition to reducing network security risk, respondents identified the management of regulatory compliance as a key business concern. Fifty per cent of respondents stated that it takes their company more than one month to compile information for compliance reporting.

In terms of future investments in security technology, respondents indicated that they are planning to add identity and access management, and vulnerability management technology in the next year.