© Copyright 2012, AlgoSec Inc. All rights reserved

The State of Network Security 2012:

Attitudes and Opinions

The State of IT Security AlgoSec Survey Insights

2 © Copyright 2012, AlgoSec Inc. All rights reserved

Executive Summary

A survey of 182 IT security and operations professionals reveals that the greatest business

security risks and challenges come from within the organizational boundaries. This state of

network security has important implications as next-generation firewalls (NGFWs) gain

adoption, out of the necessity for security teams to gain visibility and control at a more

granular level.

Processes need improvement. Out-of-process

firewall changes have resulted in system outages

for a majority (54.5%) of the organizations

surveyed. Time-consuming manual processes, and

lack of visibility, top the list of the greatest

challenges in managing network security devices.

Clearly, internal processes are the dominant issue

for most IT Security and Operations departments.

Next-generation firewalls: addressing the risks,

at a cost. For our respondents who have adopted

NGFWs, a significant number are able to directly

address their greatest security concerns, and an

overwhelming number have improved their level of

security. However, with more data available and

more complex policies to manage, security

administrators are carrying a greater load, both in

the complexity of their firewall policies, and the time

required to manage them.

Security is an inside job. As serious as threats

may be from hackers and malware, only one out of

five respondents see external threats as their #1

risk. IT Security and Operations departments are

more focused on gaining visibility into their

applications and networks, improving processes

that are time-consuming and error-prone, and

defending against internal threats.

While security teams are already concerned about the

quality of their processes for managing security

policies, the adoption of NGFWs is adding even more

scale and complexity to their load. As NGFWs are

adopted more widely, IT Security and Operations teams will need to carefully evaluate the

costs and benefits, and plan improvements to their firewall management policies, to avoid

increasing security risks and the costs of preventing them.

About the Survey

The “State of Network

Security 2012” survey was

conducted to analyze security

risks and operational

challenges, and gauge the

effects that next-generation

firewalls are having upon IT

security professionals’

workload.

182 respondents completed

the survey, which was

targeted to members of IT

Security departments (68.1%

of respondents) and IT

Operations departments

(31.9% of respondents).

There were no statistically

significant differences in the

responses from these two

groups.

The survey was administered

on the show floor at RSA

Conference 2012 US, held in

San Francisco, February 27–

March 2, 2012.

3 © Copyright 2012, AlgoSec Inc. All rights reserved

Time-consuming

manual processes,

30.0%

Lack of visibility into network

security policies, 21.7%

Poor change management processes,

15.6%

Preventing insider threats,

13.3%

Error-prone processes cause risk,

10.0%

Tension between IT admin and

InfoSec teams, 9.4%

Figure 1:

"What is the greatest challenge when it comes to managing network security

devices in your organization?"

Challenges to Network Security: Processes are Problematic

When asked to name their

single greatest challenge in

managing network security

devices, time-consuming

manual processes was

selected by nearly one-

third, or 30.0%, of the

respondents (see Figure 1).

Lack of visibility into

network security policies

ranked second, with 21.7%.

The majority of top

challenges lie with

processes: time-

consuming manual

processes, poor change

management processes,

and error-prone processes

add up to 55.6% of the top

challenges.

Out-of-Process Changes Cause System Outages

Respondents were asked to name the failures that an out-of-change process has caused

in their organization. For 77.0% of respondents, out-of-process changes caused either a

system outage, a data breach, an audit failure, or more than one of these serious

problems.

20.2%

54.5%

25.8% 23.0%

0.0%

10.0%

20.0%

30.0%

40.0%

50.0%

60.0%

Data breach System outage Failing an audit None of the above

Figure 2:

"In your organization, an out-of-process change has resulted in..."

4 © Copyright 2012, AlgoSec Inc. All rights reserved

Yes: We have improved

control, 46.7%

Yes: We have increased

visibility, 37.3%

No: Increased policy

management introduces error and risk, 12.0%

No: Increased incidence of out-

of-process changes, 4.0%

Figure 3:

"Do you feel more or less secure now that you have deployed NGFWs?"

Alarmingly, system outages are known to have occurred for more than half of the

respondents, 54.5%, more than twice as frequently as data breaches or audit failures (see

Figure 2). In fact, for 11.2% of the respondents, out-of-process changes causing system

outages was named as the #1 risk to IT security (see Figure 6, later in this report).

It is important to note that the survey only captured problems that the respondents were

aware of. Undiscovered data breaches may account for the relatively low percentage of

data breaches reported.

Next-Generation

Firewalls

Of the survey

respondents, only 41.2%

have implemented next-

generation firewalls

(NGFWs) to date,

indicating that the peak

of their adoption rate is

still ahead.

When these

respondents were asked

whether NGFWs help

them feel more secure,

84.0% answered in the

affirmative, thus

validating the value of

NGFWs for most

organizations. 46.7% of

the sample cited better

control as the reason for

a greater feeling of

security. 37.3% of the

sample cited increased

visibility (see Figure 3).

NGFWs have, however, failed thus far to improve security for about one of every six

organizations that use them. Of the 16.0% that did not feel more secure with NGFWs,

three-quarters of them (12.0% of the total) cited increased policy management as the

impediment, and the other one-quarter (4.0% of the total) cited an increased incidence in

out-of-process changes (see Figure 3). The greater visibility and control afforded by

NGFWs clearly must be balanced with the ability to manage a more complex security

policy.

5 © Copyright 2012, AlgoSec Inc. All rights reserved

Yes: NGFW policies

managed separately

40.8%

Yes: additional policies must be

managed 22.5%

Yes: more info to gather for

audits 12.7%

No: management is

centralized 23.9%

Figure 4:

"Have next gen firewalls added more work to your firewall management

processes?"

Another of the survey questions validates this point further: “As a percentage of your daily

workload, how much more time does managing next-gen firewalls add to your firewall

management process?” The average of the responses received is 12.5%. In other words,

NGFWs add an average of one hour per day per full-time employee—a significant cost.

Organizations considering

adopting NGFWs would

be well advised to

automate their firewall

management processes

across their entire estate,

so they can reap the full

benefits without increasing

workload.

When specifying the

reasons NGFWs have

added to the workload,

40.8% stated that their

NGFW policies were

managed separately from

traditional firewall policies.

On the other hand,

centralized management

prevented additional work

for almost a quarter,

23.9%, of the respondents

with NGFWs (see Figure

4).

Therefore, 76.1% of

NGFW users surveyed

have room for improvement in their policy management, or they must bear the costs of a

greater workload. It is interesting to compare this number to the 84.0% who have improved

security; most users see value, and most users bear additional costs for that value.

Risks to Security: More Management than Malice

The greatest IT risk that enterprises face is lack of visibility into applications and/or

networks, at 28.7% (see Figure 5), making lack of visibility both a top risk and a top

challenge (compare to Figure 1).

Despite the attention that hackers and other external security threats receive, it is internal,

not external threats, which are perceived as greater risks. Financially motivated hackers

and political “hacktivists,” combined, are the top risks for 19.6% of respondents, compared

to 27.5% for insider threats.

6 © Copyright 2012, AlgoSec Inc. All rights reserved

Lack of visibility into applications

and/or networks,

28.7%

Insider threats, 27.5%

Political "hacktivists",

5.6%

Financially-motivated

hackers, 14.0%

Poor change management,

12.9%

Out-of-process changes

causing system outages, 11.2%

Figure 5:

"What is the greatest risk your enterprise faces today?"

Outsider threats, 19.6%

Surprisingly, while malicious

threats, both inside and

outside, are perceived as the

greatest risk in a total of

47.1% of enterprises, the

majority of organizations

point to a management or

visibility issues as their

greatest risk. These are

conditions that can be

improved with automation:

poor change management,

out-of-process changes that

cause system outages, and

lack of visibility add up to

52.8% of the top risks

reported.

Conclusions

While enterprise IT Security

and Operations teams enjoy

a reputation for defending

against evil threats, their true

enemies are process

complexity and lack of visibility.

Next-generation firewalls are bringing value to most organizations that adopt them. They

will certainly gain wider adoption, for the additional visibility and control they afford.

However, the downside of NGFWs is added process complexity—which only intensifies

the top security risks and challenges that IT already faces.

Therefore, organizations that adopt NGFWs have a double challenge. First, to use NGFWs

in a way that will address their current challenges and risks effectively. Second, to

streamline their firewall change management processes so they can prevent additional

workload, keep security risks under control, and realize the added benefits of NGFWs.

By streamlining ahead of NGFW implementation, IT organizations can get immediate relief

from most of their common challenges, while setting the stage for the next generation of

security.

7 © Copyright 2012, AlgoSec Inc. All rights reserved

Next Steps

Download this paper on key

firewall policy management tips

Watch the webcast on

Strategies to Improve Firewall

Policy Management

8 © Copyright 2012, AlgoSec Inc. All rights reserved

About AlgoSec

AlgoSec is the market leader in network security policy management. AlgoSec enables

security and operations teams to intelligently automate the policy management of firewalls,

routers, VPNs, proxies and related security devices, improving operational efficiency,

ensuring compliance and reducing risk.

More than 900 of the world’s leading enterprises, MSSPs, auditors and consultancies rely

on AlgoSec Security Management Suite for unmatched automation of firewall operations,

auditing and compliance, risk analysis and the security change workflow.

AlgoSec is committed to the success of every single customer, and offers the industry's

only money-back guarantee.

For more information, visit www.AlgoSec.com.

300 Colonial Center Parkway

Suite 100

Roswell, GA 30076

USA

T: +1-888-358-3696

F: +1-866-673-7873

E: info@algosec.com

AlgoSec.com