Cryptography and Network Security UNIT IV - NETWORK SECURITY.
The State of Network Security 2012: Executive Report
-
Upload
algosec -
Category
Technology
-
view
354 -
download
1
description
Transcript of The State of Network Security 2012: Executive Report
© Copyright 2012, AlgoSec Inc. All rights reserved
The State of Network Security 2012:
Attitudes and Opinions
The State of IT Security AlgoSec Survey Insights
2 © Copyright 2012, AlgoSec Inc. All rights reserved
Executive Summary
A survey of 182 IT security and operations professionals reveals that the greatest business
security risks and challenges come from within the organizational boundaries. This state of
network security has important implications as next-generation firewalls (NGFWs) gain
adoption, out of the necessity for security teams to gain visibility and control at a more
granular level.
Processes need improvement. Out-of-process
firewall changes have resulted in system outages
for a majority (54.5%) of the organizations
surveyed. Time-consuming manual processes, and
lack of visibility, top the list of the greatest
challenges in managing network security devices.
Clearly, internal processes are the dominant issue
for most IT Security and Operations departments.
Next-generation firewalls: addressing the risks,
at a cost. For our respondents who have adopted
NGFWs, a significant number are able to directly
address their greatest security concerns, and an
overwhelming number have improved their level of
security. However, with more data available and
more complex policies to manage, security
administrators are carrying a greater load, both in
the complexity of their firewall policies, and the time
required to manage them.
Security is an inside job. As serious as threats
may be from hackers and malware, only one out of
five respondents see external threats as their #1
risk. IT Security and Operations departments are
more focused on gaining visibility into their
applications and networks, improving processes
that are time-consuming and error-prone, and
defending against internal threats.
While security teams are already concerned about the
quality of their processes for managing security
policies, the adoption of NGFWs is adding even more
scale and complexity to their load. As NGFWs are
adopted more widely, IT Security and Operations teams will need to carefully evaluate the
costs and benefits, and plan improvements to their firewall management policies, to avoid
increasing security risks and the costs of preventing them.
About the Survey
The “State of Network
Security 2012” survey was
conducted to analyze security
risks and operational
challenges, and gauge the
effects that next-generation
firewalls are having upon IT
security professionals’
workload.
182 respondents completed
the survey, which was
targeted to members of IT
Security departments (68.1%
of respondents) and IT
Operations departments
(31.9% of respondents).
There were no statistically
significant differences in the
responses from these two
groups.
The survey was administered
on the show floor at RSA
Conference 2012 US, held in
San Francisco, February 27–
March 2, 2012.
3 © Copyright 2012, AlgoSec Inc. All rights reserved
Time-consuming
manual processes,
30.0%
Lack of visibility into network
security policies, 21.7%
Poor change management processes,
15.6%
Preventing insider threats,
13.3%
Error-prone processes cause risk,
10.0%
Tension between IT admin and
InfoSec teams, 9.4%
Figure 1:
"What is the greatest challenge when it comes to managing network security
devices in your organization?"
Challenges to Network Security: Processes are Problematic
When asked to name their
single greatest challenge in
managing network security
devices, time-consuming
manual processes was
selected by nearly one-
third, or 30.0%, of the
respondents (see Figure 1).
Lack of visibility into
network security policies
ranked second, with 21.7%.
The majority of top
challenges lie with
processes: time-
consuming manual
processes, poor change
management processes,
and error-prone processes
add up to 55.6% of the top
challenges.
Out-of-Process Changes Cause System Outages
Respondents were asked to name the failures that an out-of-change process has caused
in their organization. For 77.0% of respondents, out-of-process changes caused either a
system outage, a data breach, an audit failure, or more than one of these serious
problems.
20.2%
54.5%
25.8% 23.0%
0.0%
10.0%
20.0%
30.0%
40.0%
50.0%
60.0%
Data breach System outage Failing an audit None of the above
Figure 2:
"In your organization, an out-of-process change has resulted in..."
4 © Copyright 2012, AlgoSec Inc. All rights reserved
Yes: We have improved
control, 46.7%
Yes: We have increased
visibility, 37.3%
No: Increased policy
management introduces error and risk, 12.0%
No: Increased incidence of out-
of-process changes, 4.0%
Figure 3:
"Do you feel more or less secure now that you have deployed NGFWs?"
Alarmingly, system outages are known to have occurred for more than half of the
respondents, 54.5%, more than twice as frequently as data breaches or audit failures (see
Figure 2). In fact, for 11.2% of the respondents, out-of-process changes causing system
outages was named as the #1 risk to IT security (see Figure 6, later in this report).
It is important to note that the survey only captured problems that the respondents were
aware of. Undiscovered data breaches may account for the relatively low percentage of
data breaches reported.
Next-Generation
Firewalls
Of the survey
respondents, only 41.2%
have implemented next-
generation firewalls
(NGFWs) to date,
indicating that the peak
of their adoption rate is
still ahead.
When these
respondents were asked
whether NGFWs help
them feel more secure,
84.0% answered in the
affirmative, thus
validating the value of
NGFWs for most
organizations. 46.7% of
the sample cited better
control as the reason for
a greater feeling of
security. 37.3% of the
sample cited increased
visibility (see Figure 3).
NGFWs have, however, failed thus far to improve security for about one of every six
organizations that use them. Of the 16.0% that did not feel more secure with NGFWs,
three-quarters of them (12.0% of the total) cited increased policy management as the
impediment, and the other one-quarter (4.0% of the total) cited an increased incidence in
out-of-process changes (see Figure 3). The greater visibility and control afforded by
NGFWs clearly must be balanced with the ability to manage a more complex security
policy.
5 © Copyright 2012, AlgoSec Inc. All rights reserved
Yes: NGFW policies
managed separately
40.8%
Yes: additional policies must be
managed 22.5%
Yes: more info to gather for
audits 12.7%
No: management is
centralized 23.9%
Figure 4:
"Have next gen firewalls added more work to your firewall management
processes?"
Another of the survey questions validates this point further: “As a percentage of your daily
workload, how much more time does managing next-gen firewalls add to your firewall
management process?” The average of the responses received is 12.5%. In other words,
NGFWs add an average of one hour per day per full-time employee—a significant cost.
Organizations considering
adopting NGFWs would
be well advised to
automate their firewall
management processes
across their entire estate,
so they can reap the full
benefits without increasing
workload.
When specifying the
reasons NGFWs have
added to the workload,
40.8% stated that their
NGFW policies were
managed separately from
traditional firewall policies.
On the other hand,
centralized management
prevented additional work
for almost a quarter,
23.9%, of the respondents
with NGFWs (see Figure
4).
Therefore, 76.1% of
NGFW users surveyed
have room for improvement in their policy management, or they must bear the costs of a
greater workload. It is interesting to compare this number to the 84.0% who have improved
security; most users see value, and most users bear additional costs for that value.
Risks to Security: More Management than Malice
The greatest IT risk that enterprises face is lack of visibility into applications and/or
networks, at 28.7% (see Figure 5), making lack of visibility both a top risk and a top
challenge (compare to Figure 1).
Despite the attention that hackers and other external security threats receive, it is internal,
not external threats, which are perceived as greater risks. Financially motivated hackers
and political “hacktivists,” combined, are the top risks for 19.6% of respondents, compared
to 27.5% for insider threats.
6 © Copyright 2012, AlgoSec Inc. All rights reserved
Lack of visibility into applications
and/or networks,
28.7%
Insider threats, 27.5%
Political "hacktivists",
5.6%
Financially-motivated
hackers, 14.0%
Poor change management,
12.9%
Out-of-process changes
causing system outages, 11.2%
Figure 5:
"What is the greatest risk your enterprise faces today?"
Outsider threats, 19.6%
Surprisingly, while malicious
threats, both inside and
outside, are perceived as the
greatest risk in a total of
47.1% of enterprises, the
majority of organizations
point to a management or
visibility issues as their
greatest risk. These are
conditions that can be
improved with automation:
poor change management,
out-of-process changes that
cause system outages, and
lack of visibility add up to
52.8% of the top risks
reported.
Conclusions
While enterprise IT Security
and Operations teams enjoy
a reputation for defending
against evil threats, their true
enemies are process
complexity and lack of visibility.
Next-generation firewalls are bringing value to most organizations that adopt them. They
will certainly gain wider adoption, for the additional visibility and control they afford.
However, the downside of NGFWs is added process complexity—which only intensifies
the top security risks and challenges that IT already faces.
Therefore, organizations that adopt NGFWs have a double challenge. First, to use NGFWs
in a way that will address their current challenges and risks effectively. Second, to
streamline their firewall change management processes so they can prevent additional
workload, keep security risks under control, and realize the added benefits of NGFWs.
By streamlining ahead of NGFW implementation, IT organizations can get immediate relief
from most of their common challenges, while setting the stage for the next generation of
security.
7 © Copyright 2012, AlgoSec Inc. All rights reserved
Next Steps
Download this paper on key
firewall policy management tips
Watch the webcast on
Strategies to Improve Firewall
Policy Management
8 © Copyright 2012, AlgoSec Inc. All rights reserved
About AlgoSec
AlgoSec is the market leader in network security policy management. AlgoSec enables
security and operations teams to intelligently automate the policy management of firewalls,
routers, VPNs, proxies and related security devices, improving operational efficiency,
ensuring compliance and reducing risk.
More than 900 of the world’s leading enterprises, MSSPs, auditors and consultancies rely
on AlgoSec Security Management Suite for unmatched automation of firewall operations,
auditing and compliance, risk analysis and the security change workflow.
AlgoSec is committed to the success of every single customer, and offers the industry's
only money-back guarantee.
For more information, visit www.AlgoSec.com.
300 Colonial Center Parkway
Suite 100
Roswell, GA 30076
USA
T: +1-888-358-3696
F: +1-866-673-7873
AlgoSec.com