The U.S. government is way ahead of commercial enterprise by acknowledging that standardization of configuration, asset and vulnerability-management information -- and demanding an open, extensible framework for security automation -- is the only way organizations have a shot at successful security management.

The message for commercial enterprise is automation and an open framework is a key enabler of successful security management; without it, organizations will drown in event logs, configuration information and alerts.

Further, the U.S. government is pushing security management vendors out of "output-only" integration, Security Information and Event Management (SIEM), to an open, interoperable, Service Oriented Architecture (SOA).

To read the rest of this Impact Analysis sign up for our weekly e-mail newsletters or register for access to free web site content