The State of Network Security 2012: Attitudes and Opinions

Introduction
• The network environment continues to grow in complexity as firewall policies expand over time and as new technologies such as next-generation firewalls are adopted.
• This survey analyzes network security risks and operational challenges of managing network security policies. Additionally, it gauges the effect of next-generation firewalls on IT’s workload.

Methodology
• This survey was conducted at RSA 2012.
• 182 respondents are deeply involved in their organization’s IT function and have at least a moderate involvement in network operations.
• 68 percent are Information Security professionals.
• 32 percent are Network Operations professionals.
• No AlgoSec employees, customers or partners are counted in the results.

Key Findings
Network security processes need improvement.
• From reducing system outages to improving business efficiency.
Next-generation firewalls address threats - at a cost.
• Improved security, but increased administrative workload.
Security is an inside job.
• Visibility of applications and networks, improving processes and defending against insider threats all rank as key concerns.

Network Security Challenges
• The majority (55.6%) of top challenges lie with problematic internal processes.
"What is the greatest challenge when it comes to managing network security devices in your organization?"
Tension between IT admin and InfoSec teams, 9.4%
Error-prone processes cause risk, 10.0%
Time-consuming manual processes, 30.0%
Preventing insider threats, 13.3%
Poor change management processes, 15.6%
Lack of visibility into network security policies, 21.7%

Out-of-Process Changes Cause Major Problems
• 77% of respondents noted that out-of-process changes caused either a system outage, a data breach, an audit failure or more than one of these.
"In your organization, an out-of-process change has resulted in..."
[Bar chart. Categories: Data breach, System outage, Failing an audit, None of the above. Bar values shown: 54.5%, 25.8%, 20.2%, 23.0% (the assignment of values to categories is not preserved).]

Next-Generation Firewalls: Better Security…
• 84% of respondents said NGFWs provided them with better security
"Do you feel more or less secure now that you have deployed NGFWs?"
No: Increased incidence of out-of-process changes, 4.0%
No: Increased policy management introduces error and risk, 12.0%
Yes: We have increased visibility, 37.3%
Yes: We have improved control, 46.7%
BUT…

Next-Generation Firewalls: … at a Cost
• 76% of respondents said that NGFWs increased their administrative burden due to added policy complexity
"Have next gen firewalls added more work to your firewall management processes?"
No: management is centralized, 23.9%
Yes: NGFW policies managed separately, 40.8%
Yes: more info to gather for audits, 12.7%
Yes: additional policies must be managed, 22.5%

Greatest Risk? More Management than Malice
• External attackers are well down the list of concerns…
"What is the greatest risk your enterprise faces today?"
Out-of-process changes causing system outages, 11.2%
Lack of visibility into applications and/or networks, 28.7%
Poor change management, 12.9%
Financially motivated hackers, 14.0%
Outsider threats, 19.6%
Political "hacktivists", 5.6%
Insider threats, 27.5%
• The greatest risks noted are poor internal security management processes and insider threats

Key Recommendations
• Clearly define internal processes, ensure they are communicated to all stakeholders and above all else, make sure they are enforceable.
• Leverage automation to facilitate process improvement and to improve business efficiency and agility.
• Look to implement NGFWs, but understand the impact of policy decisions and plan accordingly to gain the security benefits without the cost of higher administrative burden.

Educational Resources
• Here are additional resources to help you further research automating network security policy optimization and change management:
• Webinar: 5 Strategies to Improve Firewall Management
• eBook: The Big Collection of Firewall Management Tips
• Video Testimonial: BT
• Free 30 Day Trial of AlgoSec Security Management Suite

Security Management. Made Smarter.
www.AlgoSec.com