BMC’s game plan in the crowded enterprise security space

• Enterprises are spending too much resources on preventing the threat, but not enough on remediation process
• 193 days –   that's the average time it takes an organisation to complete the remediation process

 

THE enterprise security space is not an easy place to compete -- it is filled with many security solutions providers, ranging from the traditional security specialists, to incumbent hardware companies that are offering products that comes with security solutions.
 
For BMC Software Inc, a Houston-based enterprise IT solutions provider, its key to remain competitive in this intense market is to come up with solutions that address IT professionals' pain points.
 
It is also doing so without directly competing head-on against most security vendors.
 
"As companies move to the digital world, it exposed the threat vectors to multiple magnitude. Companies are also exposing its brand. It customer data is affected, if business continuity is affected, it impacts the brand. 
 
"We looked at the high profile hacks that occurred, from these hacks, 75% that occurred are not sophisticated and are known vulnerabilities. What is surprising is that it takes an average of 193 days for remediation," said BMC executive vice president of worldwide sales Paul Appleby in an interview with Digital News Asia in Las Vegas recently.
 
Appleby said that the statistics above showed that, when it comes to combating security, companies are spending most of their resources on prevention, and not so much on the remediation process.
 
"This is a huge unaddressed problem. Human cannot interact as fast and as efficient as machines. We need to leverage the power of automation, and to automate the remediation process," said Appleby.
 
With BMC's BladeLogic Threat Director solution, the remediation process will takes just minutes -- far below the average of 193 days. The solution allows companies to address two of the biggest problems in current security strategies: blind spots and isolated processes.
 
It also integrates with BMC Discovery, hence allowing rapid identification of unsecured assets, and providing critical visibility into application dependencies so that operations teams will be able to anticipate the impact of actions on end users. 
 
By integrating with BMC's BladeLogic Network Automation solution, IT is now able to accelerate and scale security operations, closing the door on known vulnerabilities for both servers and networks.
 
"There is a real disconnect in enterprise security between the identification of issues and taking action. Most organisations approach problems from the traditional perspective: a series of defined starts and stops, with no information sharing between steps.
 
"That game plan can leave the door wide open to malicious attacks while IT team struggle to scale and keep track of all these moving parts. At BMC, we are seeing first-hand that organisations realise this approach needs to stop. Our integrated BladeLogic Threat Director solution enables enterprises to eliminate risks and blind spots to reduce the attack surface," said Bill Berutti, president, cloud management/ data centre automation at BMC.
 
According to BMC, the BladeLogic Threat Director remains as the only automation solution that natively integrates vulnerability scan data with operations data, ultimately allowing for accelerated, enterprise-grade remediation for both servers and networks. 
 
BMC and Forbes Insights survey

 

In the recent BMC and Forbes Insight survey, 97% of executives expected to see a rise in data breach attempts in the next 12 months. 
 
The survey also revealed that 44% of senior executives said that security breaches occur even when vulnerabilities and their remediation techniques have already been identified. 
 
"This is why it is important to automate the remediation process," explained Appleby (right).
 
Other interesting findings include: 50% of enterprises experience outages and poor performance in IT systems due to poorly applied security patches; 60% of respondents said operations and security teams have only a general or little understanding of each other's requirement.
 
The data was derived from a survey of 304 executives (C-level executives and vice presidents/ senior vice presidents) from a range of industries in North America and Europe. All respondents were from companies with at least US$100 million in annual revenue.
 
Related Stories:
 
Five key elements to complete IT compliance
 
Kaspersky Labs: Targeted attacks on the rise
 
SEA’s networking nightmare: Cost, lack of skills, and tech evolution
 
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.