Interest grows in IDS

Investment in intrusion detection systems (IDS) is continuing to grow, reports Meta Group. An analysis of Global 2000 companies’ purchase intents showed strong short term interest in both network and host intrusion detection.

  • E-Mail
By  Neil Denslow Published  August 5, 2003

Investment in intrusion detection systems is continuing to grow, reports Meta Group. An analysis of Global 2000 companies’ purchase intents by the analyst house showed strong short term interest in both network and host intrusion detection. Over the long term, there was strong interest in various forms of intrusion detection, which Meta Group says is now becoming widely accepted as a necessary part of well-secured environments. Many organisations were also looking at centralised security information management consoles in the long term as well.

"Organisations that have taken an intelligent approach to intrusion detection have had no problem establishing the value of the technologies," says Chris King, senior program director for Meta Group's security & risk strategies team.

"Those that have purchased a product without the benefit of an underlying policy and plan naturally feel like they have wasted their money, because they have. Technology alone does not improve security, and causing a false sense of security can actually harm the security effort," he adds.

The analyst house also says that security officers have shown only minimal confusion as a result of the transition from intrusion detection to intrusion prevention. It also predicts that the minimal difference between these two closely related approaches will disappear within two years.

Not all areas of security are maturing as rapidly as intrusion detection however. Despite widespread recognition that information security requires separation from IT in order to meet generally accepted system security principles (GASSP), the vast majority of Global 2000 organisations still have information security reporting to the CIO, CTO, or equivalent.

"As security has now started showing some signs of maturation, we are seeing a gradual growth in understanding that technology risk needs to be managed in parallel with IT rather than within IT. But it is difficult to find an executive other than the CIO that is willing to take over an area like information security before it fully matures. Of course, even many CIOs are still resistant," says Mark Bouchard, senior program director for Meta Group's security & risk Strategies.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code