Security Experts:

Poor Internal Processes Viewed as the Greatest Threat to Network Security

AlgoSec, a company that provides firewall management solutions, recently released the results of a poll that examined the attitudes and opinions of 180 working IT and security professionals during the RSA Conference earlier this year. The results of the poll show that poor internal processes, practices, and threats pose the largest risk to a network. These problems, the respondents believe, are more of a concern than threats from malicious external sources.

Firewalls“While industry focus naturally gravitates toward the latest buzzwords, such as ‘advanced persistent threats,’ we were pleasantly surprised to find that practitioners primarily voice concerns with how to better manage security,” said Nimmy Reichenberg, Vice President of Marketing and Business Development, AlgoSec.

For those who took part in the study, the bottom line is that security is an inside job. When it comes to the pain those in the trenches are experiencing, the majority of it comes from processes. More than 50% of those who took part named an out-of-process change as the cause for a given outage.

This is compounded by the fact that most processes are manual ones, which are often too time consuming – as noted by 30% of the respondents – leading to a situation where manpower is stretched too thin to deal with other issues in a timely manner.

Threats from the inside got a mention as well, as nearly 28% of those who responded to AlgoSec’s questions said that it was a major concern for them. Less than 20% named a malicious attack from the outside as the largest threat their organization faces.

Interestingly enough, Next-Generation Firewalls (NGFWs) – a widely popular buzzword and technology group - increase the overall security on a network, but are sometimes a nightmare to deal with.

Of the respondents that implemented NGFWs, an overwhelming majority (84%) told AlgoSec that the increased control and visibility these devices offer improves security, but simultaneously 76% complain that the size and complexity of policy management is creating more work - on average of about one hour per day.

“We have seen next-generation firewalls capture the imagination of the security industry, as granular policies and controls can greatly increase visibility into applications and users, but these controls are not without a cost, as additional work is required to manage them,” said Reichenberg.

“Poor visibility into what is occurring in the network, insider threats and poor processes that result in out-of-process changes are responsible for much of the day-to-day risk. Regardless of latest attack vector or breach that makes headlines, it all goes back to strong security processes, visibility and control.”

The full report, "The State of Network Security 2012: Attitudes and Opinions" is available here.

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.