Intrusion detection systems (IDS) have been labelled as not good enough, both now and for the last 13 years.
Speaking at a recent Websense event, Martin Jordan, director of the information protection team at KPMG, said that "13 years ago IDS did not work and it still does not give much back" and the security industry needs to improve defences against modern malware and botnets.
He said: “There is some advanced IDS and there is threat management, but the state of IDS is still not enough.”
Asked if he felt that IDS was out of date, Jordan said: “I don't think it addresses the threat. IT departments shouldn't see it as a magic button, as it is all technology and it is all fallible, you can only solve a problem by dealing with the threat appropriately, by gauging what it is.
“I have to help by securing our own network and we are protecting 40,000 people worldwide, and quite often the first thing I look at is the Websense folders, as they are a very rich source of intelligence. So IDS will never solve it but a move towards better solutions will be better for you.”
Speaking to SC Magazine, Metadigm CTO Steven Malone said it was interesting that Jordan had referenced IDS and not IPS (intrusion prevention systems).
He said: “Around five years ago, IDS vendors suddenly decided they were intrusion prevention/protection rather than just intrusion detection and IDS morphed into IPS.
“However, with the complexity of APTs on the increase and UTM technology maturing, it's easy to see how blended threats now require blended security rather than standalone products. UTM vendors with a solid offering such as Check Point and Fortinet are in a prime position to service this demand.”
Didier Guibal, executive vice president of worldwide sales at Websense, said: “You cannot do without traditional defences and you need to take a separate look at things.
“You cannot spend 80 per cent of your resources on solutions that only address 30-40 per cent of the threats, so you have to take another look at how you are spending the budget and then beyond that, have a top down strategy so you have a constant additional layer that is consistent with the technology.”