AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Search in comments
Filter by Custom Post Type
Posts

The State of Network Security 2012 Finds Poor Internal Processes and Insider Threats as the Greatest Security Risk

by
[addtoany]

Yesterday, we published the results of our latest research efforts, titled The State of Network Security 2012. This survey polled more than 180 IT security and operations professionals at RSA about the greatest security risks and operational challenges and also gathered insight on the impact of next-generation firewalls from a management perspective. The results were quite telling and refreshingly different from the typical infosecurity FUD (e.g. the next great attack vector, data breach, etc.). Here are a few key findings from this research:

  • Out-of-process equals out-of-service – A majority of respondents (54.5 percent) indicated that an out-of-process change has resulted in a system outage. Out-of-band changes resulted in a data breach roughly 20% of the time (as far as respondents either knew or were willing to share) and a failed audit roughly 26% of the time. Bottom line here is that organizations need to not only have defined processes for conducting firewall changes, but also be able to enforce them. This means, ensuring proper testing, validation, approval, documenation, etc. The impact of not being able to enforce the defined firewall change processes is painful and spread across multiple areas.
  • Hands-on is out of touch – Nearly one-in-three respondents (30 percent) cited time-consuming manual processes as the greatest challenge to managing network security devices. Manual processes continue to crunch IT’s bandwidth and also introduce risk through human error (a major finding from AlgoSec’s survey from 2011). The answer here is to automate processes where possible – firewall policy management is a good place to start!
  • Enterprise risks are inside-out – When asked to cite the greatest risk to enterprise security, 28.7 percent noted a lack of visibility into networks applications while 27.5 percent highlighted insider threats, but less than 20 percent focused on external threats such as hackers. While there are still plenty of “bad guys” out there trying to steal sensitive data or wreak havoc, it’s the employees and security teams that can have the biggest impact on improved security. Organizations need to continue to refine and automate processes, and improve security awareness and the management of mobile devices and remote traffic.
  • Next-Generation Firewalls increase security, but there is no free lunch – Of the survey respondents that have implemented NGFWs, an overwhelming majority (84 percent) believe that the increased control and visibility these devices offer improves security, but simultaneously 76.1 percent complain that the size and complexity of policy management is creating more work – on average of about one hour per day (a 12.5 percent increase). NGFWs are clearly a technology that has significant value, but you can’t just slap one into your environment and go about your day. Prioritize the NGFW capabilities that make sense for your environment and determine the most appropriate segments in the network where you will implement them. And make sure you can manage your NGFWs in a similar/standardized way as you do your traditional firewalls to limit the additional management overhead.

We hope you find The State of Network Security 2012 interesting and give you some things to think about as your information security processes and programs continue to evolve.

041112

Subscribe to Blog

Receive notifications of new posts by email.