Connect with us

Hi, what are you looking for?


Security Architecture

Why You Need to Put Your Security to the Test

We’re all familiar with the expression ‘Trust but verify.’ Unfortunately, when it relates to protecting their networks, most organizations rely on trust but don’t verify that their security solutions are working as they should.

We’re all familiar with the expression ‘Trust but verify.’ Unfortunately, when it relates to protecting their networks, most organizations rely on trust but don’t verify that their security solutions are working as they should. A recent survey (PDF) of security operations effectiveness found that just 37 percent of security professionals have hard evidence to verify their security products are configured and operating correctly. And this lack of testing and validation leads directly to organizations experiencing a damaging security breach.

Half of the survey’s respondents stated they had discovered that one or more security solutions were not working as they expected only after the organization had been breached. With these vulnerable points in their network defenses, it is not surprising that 75 percent of respondents stated their organization had experienced a breach (such as an unauthorized intrusion, malware infection, or hack) in the past year. 47 percent had been breached three or more times in the last three years. 

It’s critical that organizations implement an in-depth testing strategy to close these security gaps and cut the risk of being breached, rather than simply trusting and hoping their security products are performing as expected. But what should that strategy consist of?

The three Ps of testing

When developing an effective security testing strategy, there are three ‘P’s to consider:  

• Products, covering the security tools that are deployed across the organization’s networks and their configurations.  

• Processes, which covers how those security products or services are installed and maintained, including how patches and upgrades are managed.

• People, which focuses primarily on the ability of IT and security teams to respond to and remediate cyber incidents, but also includes the organization’s employees.   

Advertisement. Scroll to continue reading.

Testing security products

Testing products includes evaluating the performance of each security tool or service, to ensure it is delivering the expected levels of throughput, filtering and blocking of traffic. It involves checking that there are no misconfigurations (such as an unchanged factory default password) that a hacker could identify and exploit.  It should also include evaluating any possible functional overlap between solutions. 

In the company sponsored security operations effectiveness survey, two-thirds of respondents stated that the functions of their security tools overlap with each other, and 41 percent said this overlap was unintentional. In other words, organizations sometimes add products to their security fabric without properly evaluating if they are needed or checking whether existing solutions are configured and working correctly.  

This tool sprawl leads to wasted security budgets, increased management time for IT and security teams, and expands the organization’s attack surface. 79 percent of survey respondents stated they would remove a security product from their network if they could prove it was not effective. Product testing strengthens an organization’s security posture and helps make efficient use of budgets and resources.

Testing processes

To ensure you are not leaving any easy-to-find back doors into your network, it is critical to manage and maintain your security products efficiently with a regular cycle of checking for and applying new software patches and updates. This should be done on a monthly basis at the very least, as new threats and new malware variants are continually emerging. 

According to the vulnerability analysis resource CVE Details, 2019 saw over 12,000 new vulnerabilities emerge, with over 1100 of these rated as severe. That’s an average of over 90 per month – so keeping products updated, and regular testing cycles will help to close holes developing in the company’s security fabric.

Training matters

No organization has fully-automated security:  IT security teams need regular practice on how to deal with a range of situations so they can be part of the solution, rather than inadvertently becoming part of the problem. Yet the security operations effectiveness survey showed that less than 50 percent of those surveyed said that they regularly practice how to remediate and recover from breach incidents. Teams need active practice against realistic cyber-incident scenarios, to ensure that the response to a genuine incident is as efficient as possible. Training should also extend to organizations’ staff, covering issues such as how to recognize malicious emails or phishing attempts, and how to protect account credentials.   

In conclusion, robust security can never be taken for granted. Cybercriminals are continually investing in new exploits and weapons.  Organizations need to ensure they keep pace with those developments. That means regularly putting security products, processes and people to the test – but the reward is better, more efficient protection against attacks.

Written By

Marie Hattar is chief marketing officer (CMO) at Keysight Technologies. She has more than 20 years of marketing leadership experience spanning the security, routing, switching, telecom and mobility markets. Before becoming Keysight’s CMO, Marie was CMO at Ixia and at Check Point Software Technologies. Prior to that, she was Vice President at Cisco where she led the company’s enterprise networking and security portfolio and helped drive the company’s leadership in networking. Marie also worked at Nortel Networks, Alteon WebSystems, and Shasta Networks in senior marketing and CTO positions. Marie received a master’s degree in Business Administration in Marketing from York University and a Bachelor’s degree in Electrical Engineering from the University of Toronto.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Artificial Intelligence

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.