AlgoSec recently announced the results of “The State of Network Security 2013: Attitudes and Opinions,” a survey of 179 information security and network operations professionals conducted during the RSA Conference in February 2013. Results from the survey reveal insider threats are the greatest concern and that permitting employees to connect their own devices to the network increases the risk of security breaches.
Additionally, according to the survey findings, next-generation firewall adoption is on the rise, and poor change management processes are a major operations challenge, often resulting in network and application outages.
Key findings from “The State of Network Security 2013: Attitudes and Opinions” include:
· The Greatest Risk is From Within– Two-thirds of respondents (64.5 percent) rated insiders as the greatest security risk. Roughly the same proportion of respondents (66 percent) expressed concern that allowing employees to “bring your own device” increased the risk of security breaches. About 40 percent reported that employee devices increase the overall risk of network and application outages.
· Process is the Problem – A majority of respondents (60 percent) cited poor processes and lack of visibility into security policies as the greatest challenge of managing network security devices.
· Out-of-Process Increases Out-of-Service – More than three-quarters of respondents (76.6 percent) suffered a network or application outage due to an out-of-process change. This is an increase of 21.1 percent from last year’s findings.
· Application-related Rule Changes Gone Awry- 80.6 percent of respondents suffered an outage, security breach or decreased network performance due to an application-related rule change.
· Next-Generation is Now– The number of respondents that have adopted Next-Generation Firewalls (NGFWs) is now at 57 percent, up from 41.2 percent in 2012. Of those who have adopted NGFWs, a majority, 56.5 percent, reports that their objective is to improve protection from attacks. In exchange for increased security, 56 percent of respondents said they had increased work to manage the firewall process, with 46 percent citing they must make more changes.
· Security in the Cloud: Still Hazy? – Less than 20 percent of respondents said that the majority of their organization’s security controls were in the cloud. And, the larger the organization, the less likely it was to have cloud-based security.