News

Most intrusion detection IT fails

Bill Goodwin
The majority of intrusion detection system implementations fail, leaving firms exposed to hackers, analysts claimed last week.

A combination of design flaws and the failure of organisations to monitor and tune their intrusion detection systems means that up to 75% do not work, said Gartner. "Intrusion detection systems have failed. They have failed for years. We are still seeing the same failures in IDS today that were identified by black hat hackers 10 years ago," said Victor Wheatman, vice-president and research area director at Gartner.

Gartner predicted that the emphasis will shift away from intrusion detection systems to intrusion prevention systems.

"Intrusion detection is not a technology you can just turn on and expect it to protect you from then on. There are a lot of failures, and this is starting to matter as we move into intrusion prevention," said Wheatman.

Public key infrastructure may also have had its day, at least as a standalone technology, said Gartner. For most organisations, the cost and complexity of implementing PKI means it is "overkill" for identity authentication. Passwords are adequate for 80% of applications, the analyst firm said.

However, PKI will increasingly be incorporated into other technologies, such as smartcards, to provide strong, simple authentication services, said Wheatman.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy