AlgoSec has announced the results of “The State of Network Security 2013: Attitudes and Opinions,” a survey of 179 information security and network operations professionals conducted during the RSA Conference in February 2013.
Results from the survey show that insider threats are the greatest concern and that permitting employees to connect their own devices to the network increases the risk of security breaches. Additionally, next-generation firewall adoption is on the rise, and poor change management processes are a major operations challenge, often resulting in network and application outages.
“Increasing complexity in network security not only impacts an organisation’s ability to protect itself from cyber-threats, but also hampers business agility,” said Nimmy Reichenberg, vice president of marketing and business development, AlgoSec. “Based on the survey results, it’s clear that organisations are faced with increasing insider threats as well as rising risk of network and application outages, but process improvement and better security policy enforcement that leverages automation can provide significant dividends.”
Key findings from “The State of Network Security 2013: Attitudes and Opinions” include:
· The greatest risk is from within– 64.5% of respondents rated insiders as the greatest security risk. Roughly the same proportion of respondents (66%) expressed concern that allowing employees to “bring your own device” increased the risk of security breaches. About 40% reported that employee devices increase the overall risk of network and application outages.
· Process is the problem – A majority of respondents (60%) cited poor processes and lack of visibility into security policies as the greatest challenge of managing network security devices.
· Out-of-process increases out-of-service – More than three-quarters of respondents (76.6%) suffered a network or application outage due to an out-of-process change. This is an increase of 21.1% from last year’s findings.
· Application-related rule changes gone awry - 80.6% of respondents suffered an outage, security breach or decreased network performance due to an application-related rule change.
· Next-generation is now – The number of respondents that have adopted Next-Generation Firewalls (NGFWs) is now at 57%, up from 41.2% in 2012. Of those who have adopted NGFWs, a majority, 56.5%, reports that their objective is to improve protection from attacks. In exchange for increased security, 56% of respondents said they had increased work to manage the firewall process, with 46% citing they must make more changes.
· Security in the cloud: still hazy? – Less than 20% of respondents said that the majority of their organisation’s security controls were in the cloud. And, the larger the organisation, the less likely it was to have cloud-based security.