Complexity is the Enemy of Network Security, Survey

A new survey from AlgoSec shows complexity is the enemy of network security.

The survey, titled “Examing the Dangers of Complexity in Network Security,” found that 50 percent of the 125 IT security pros reported a security breach, system outage or both due to complex policies. According to the report, nearly 94 percent of organizations have deployed multi-vendor environments, despite the belief of roughly half of the respondents that the greatest benefit of vendor consolidation would be simplified management. More than 56 percent said they have deployed solutions from four or more different vendors.

“Organizations that manually manage complex multi-device and multi-vendor environments are making it harder on themselves than necessary to enforce their desired security posture,” said Nimmy Reichenberg, vice president of marketing and business development at AlgoSec, in a statement. “The good news for information security teams is that security policy management automation enables organizations to simplify policy and consolidate the number of consoles to manage, in turn improving security operations and reducing risk – even in the most complex environments.”

According to the survey, the greatest challenge of working with multiple vendors is the different types of expertise required (48.5 percent), and the biggest challenge of working with multiple devices is having too many policies to manage (42.7 percent).

“Information systems’ complexity has grown exponentially yet we continue down the same path – adding more and more layers of complexity,” said independent information security consultant Kevin Beaver of Principle Logic, in a statement. “Many IT managers and administrators couldn’t tell you how secure their networks are because they simply don’t know what’s where and what’s currently at risk. Complexity – and failing to acknowledge the complexity – are core contributors to the network security problems we face today.”