Home / Research
Download: EMA Analyst Brief on Agentless DAM

Enterprise Management Associates - Analyst Brief on the Agentless DAM

Database Activity Monitoring (DAM) should be a part of the security strategy for every organization using databases for critical information. However, in determining the level of need and the representative investment for the solution, decision makers should consider three key things when generating their requirements and estimating their investment.
  • Agentless DAM is a highly robust and reliable solution option
  • Because agentless DAM does not need to touch the databases, deployment and lifecycle management are far easier and less complex than agent-based solutions
  • Agentless DAM provides security services beyond traditional DAM and thus offer additional value
This EMA Analyst Brief discusses these issues and why the release of Agentless DAM will make a significant impact on database dependent organizations.

Download: Identifying Critical Gaps in Database Security

Osterman Research Study into Database Security

The study found that only 19 percent of organizations have what the organization considers to be “excellent“ visibility into their data and database assets. This level of visibility is necessary to rapidly identify a data breach. Furthermore, 47 percent of those surveyed do not have an assigned team or even an individual to oversee the security of their databases.

In addition to most survey respondents lacking excellent visibility into their organizations’ data and databases, 59% of respondents lack a high degree of certainty about which applications, users and clients are accessing their databases. When asked what database security issues are of most concern, compromised credentials was the top concern of half of the survey respondents. The next biggest concern was the potential for the organization to experience a major data breach, followed by the inability to identify data breaches until it’s too late.

Download: The SQL Injection Threat Study

Ponemon Study of the SQL Injection Threat

This Ponemon Research survey found the SQL threat is taken very seriously because 65 percent of organizations represented in this study experienced a SQL injection attack that successfully evaded their perimeter defenses in the last 12 months. Almost half of respondents (49 percent) say the SQL injection threat facing their company is very significant. On average, respondents believe 42 percent of all data breaches are due, at least in part, to SQL injections.

Download: The SQL Injection Threat and Recent Retail Breaches

Ponemon Study of Database Attack at the Large Retailers

This Ponemon Research survey found fifty percent of respondents believe cyber syndicates are to blame for the large retail data breaches. Only 16 percent believe an individual perpetrated the attack. Many respondents believe notification of victims is better later than sooner. Thirty-six percent of respondents would prefer to wait to notify victims until a thorough investigation was conducted.

Fifty-three percent of respondents said it appeared SQL injection was very likely used to steal sensitive and confidential information. Sixty-five percent of respondents indicated continuous monitoring of the database network followed by advanced database activity monitoring are the best approaches to avoiding a mega data breach.