In a recent ESG research survey of 257 security professionals working at enterprise organizations (i.e., more than 1,000 employees), respondents were asked to identify where their organizations were weakest with regard to security monitoring. This graphic displays the results:

A few observations:

User behavior activity monitoring equates cryptic network and log data to actual users and systems. It is especially useful for spotting insider attacks or detecting when user systems are compromised. This type of monitoring resides in the domain of firms like Centrify, Courion, CyberArk, SailPoint, and Securonix.

Alternative endpoint monitoring weaknesses can be related to limited visibility around mobile devices, but think about mobile device use in the context of other devices for each user and it gets to be a pretty complex monitoring challenge. This is where vendors like Bradford Networks, Cisco, ForeScout, and Great Bay Software are adding value.

There is good threat intelligence available for free, and almost every security device ships with “cloud-based Intelligence” as an add-on feature. In spite of this, 24% of enterprises still consider threat intelligence monitoring one of their organization’s biggest weaknesses. Clearly, threat intelligence has to become easier to understand, easier to integrate, and easier to act upon. This is why companies like BitSight, Norse, and Vorstack look so promising, and why Symantec is doubling down on its DeepSight portfolio.

While just 23% claim that monitoring sensitive data access and activity is weakest at their organization, my gut tells me that 100% of firms would admit that they have problems here. This problem is big, complex, and may be the next highly profitable frontier for security VCs and vendors. Symantec’s DLP business continues to grow (albeit quietly from a Symantec PR perspective).
Varonis rode this demand to a successful IPO, and visionary but stealthy Atlanta-based startup Ionic will soon announce some further innovation in this space.