Poor Visibility of Security Policies and Processes Holding Back Business Productivity, according to AlgoSec Survey

New findings highlight the need to ensure business application availability, automate security change management and manage next-generation firewall policies

June 27, 2013

Sydney, Australia – AlgoSec, the market leader in Security Policy Management, has issued its Australian 2013 State of Network Security Report, based on a survey of 116 IT security and network operations professionals, conducted at the AusCERT conference in May 2013.  Results from the survey show that two-thirds (65.4%) of respondents said poor visibility of security policies and time-consuming, manual processes are their greatest network security challenges.

Ensuring business application connectivity is a major challenge, with a quarter reporting that more than 80% of firewall changes were made to enable business applications. However, the impact of these changes on the business is taxing with 74% stating that application-related rule changes resulted in an outage, security breach or decreased network performance. The survey also found that a high number of network and application outages are due to out-of-process security policy changes.

Next-Generation firewall (NGFW) adoption is much higher in Australia than in other continents with 77.6% of organisations having deployed at least one NGFW in their environment (compared to 56.8% in the US and 36% in Europe). However, NGFWs add more work to their firewall management process due to the challenges around defining a NGFW policy, additional training, managing alongside traditional firewalls, the volume of changes and time required to process them.

“The results from our Australian survey reflect what we’re hearing from our large customers here and overseas – that when it comes to improving security and business agility, it’s all about the applications,” said Guy Givoni, AlgoSec’s VP and GM for APAC. “You have more organisations implementing NGFWs to gain visibility and control of web applications. And then you have critical business applications, which are interconnected with other network components through complex security policies.”

“Without the proper application visibility and security change automation, business disruptions or outages are all too common. In order to gain a competitive advantage in a dynamic business environment, organisations must be able to align security with the business by quickly and securely provisioning new applications, making necessary updates and safely decommissioning them.”

Key findings from “The State of Network Security 2013:  Australian Edition” include:

• Manual security processes and poor policy visibility reign supreme in the network
  • 33.6% said lack of visibility into security policies is the greatest challenge for managing network security devices
  • 31.8% report time-consuming, manual processes and poor change management as their greatest challenge.
• Application connectivity management has a major impact on the business. Roughly half said that more than 50% of firewall rule changes are implemented to enable business application connectivity. However, application-related firewall rule changes resulted in:
  • a network outage for 43.5% of organisations
  • an application outage for 35.7%
  • a security breach for 29.6%
  • decreased network performance for 27%
• Out-of-process changes lead to outages. 56.5% suffered a network outage due to an out-of-process change that was made. 31.3% suffered an application outage.
• Next-Gen brings superior security, but operational efficiencies still needed
  • 68.1% implemented a NGFW with the objective of improving protection from attacks, while 16.5% had a focus on reducing IT spend
  • However, 56.7% said the adoption of NGFWs had increased their firewall management workload, while 61.4% reported having to make more changes to their NGFWs than traditional firewalls.
• The insider threat is the greatest risk to organisations – 52.8% reported that accidental or malicious threats from within the business present the greatest security risk, rather than external hackers.

To read the full report visit – https://www.algosec.com/en/resources/network_security_2013.

About AlgoSec
AlgoSec is the market leader for security policy management, enabling organizations to manage security at the speed of business. The AlgoSec Suite of products automates management of complex policies across firewalls, routers, switches, secure web gateways and more. Bridging traditional gaps between security, network and application teams, the AlgoSec Suite improves business agility, increases security and ensures continuous compliance.

More than 1000 of the world’s leading organizations, including 15 of the Fortune 50, rely on AlgoSec for faster security provisioning of business applications, simplified security operations and improved protection against cyber-attacks.

AlgoSec is committed to the success of every single customer, and offers the industry’s only money-back guarantee.

For more information, visit www.AlgoSec.com.

Online Resources:

• Hear from AlgoSec Customers
• Visit the AlgoSec blog, Security Management at the Speed of Business
• Follow us on Twitter
• Like us on Facebook
• Find us on YouTube
• Follow us on Linkedin