News
AlgoSec: Survey Shows Poor Internal Security Processes and Insider Threats Pose Greater Risk Than Hackers
April 2012 by AlgoSec
AlgoSec has announced the results of “The State of Network Security 2012: Attitudes and Opinions,” a survey of more than 180 IT and information security professionals conducted during RSA 2012 that reveals that poor internal security management processes present more risk than malicious threats – more than 50 percent of respondents incurred a system outage due to an out-of-process change.
The survey also highlights the perception that while next-generation firewalls (NGFWs) directly address these internal challenges, they also increase the cost and complexity of management.
“While industry focus naturally gravitates toward the latest buzzwords, such as APTs, we were pleasantly surprised to find that practitioners primarily voice concerns with how to better manage security,” said Nimmy Reichenberg, Vice President of Marketing and Business Development, AlgoSec. “Poor visibility into what is occurring in the network, insider threats and poor processes that result in out-of-process changes are responsible for much of the day-to-day risk. Regardless of latest attack vector or breach that makes headlines, it all goes back to strong security processes, visibility and control.”
Key findings from “The State of Network Security 2012: Attitudes and Opinions” include:
– Out-of-process equals out-of-service – A majority of respondents (54.5 percent) indicated that an out-of-process change has resulted in a system outage.
– Hands-on is out of touch – Nearly one-in-three respondents (30 percent) cited time-consuming manual processes as the greatest challenge to managing network security devices.
– Enterprise risks are inside-out – When asked to cite the greatest risk to enterprise security, 28.7 percent noted a lack of visibility into networks applications while 27.5 percent highlighted insider threats, but less than 20 percent focused on external threats such as hackers.
– Next-Generation Firewalls increase security, but there is no free lunch – Of the survey respondents that have implemented NGFWs, an overwhelming majority (84 percent) believe that the increased control and visibility these devices offer improves security, but simultaneously 76.1 percent complain that the size and complexity of policy management is creating more work - on average of about one hour per day (a 12.5 percent increase).
“We have seen next-generation firewalls capture the imagination of the security industry, as granular policies and controls can greatly increase visibility into applications and users, but these controls are not without a cost, as additional work is required to manage them,” said Reichenberg. “AlgoSec is committed to helping organizations achieve the full potential from their network devices by automating these time-consuming and complex processes and streamlining operations, so security organizations can focus their time on what matters – making the business more secure.”
The full report is available from: http://www.algosec.com/resources/files/Specials/Survey%20files/120404_Survey%20Report.pdf
