Understanding risk from a business perspective is a top security concern

Majority of AlgoSec survey respondents feel that business stakeholders need to “own the risk” of their data center applications.

  • 10 years ago Posted in

AlgoSec has announced the results of “The State of Network Security 2014,” a survey of 142 information security and network operations professionals, application owners and compliance officers conducted during the RSA Conference in February 2014.


Results from the survey show the biggest challenge for organisations is prioritising, understanding and addressing vulnerabilities in a business context. Over 96% of respondents believe that business stakeholders should “own the risk” of their business-critical applications.


Key findings from “The State of Network Security 2014: Attitudes and Opinions” include:
· Convoluted security processes threaten productivity and lead to outages. 64% of respondents said that manual processes, limited visibility into security policies and poor change management practices posed the greatest challenge when managing network security devices. More than 80% of respondents experienced network or application outages as a result of out-of-process changes, up from just over half in 2012. Almost 20% of respondents raised the issue of poor communication among key stakeholders across development, security and operations groups, an 80% increase from last year.
· Insiders continue to pose the greatest risk, but third party vendor security raises significant concerns. 73% of organisations rated accidental data leakage or malicious behavior by insiders as their number one risk, up from less than two-thirds last year. Also, half of respondents who outsource management of security controls or sensitive information were less than confident in their provider’s ability to provide protection.
· Pace of cloud adoption picks up, despite concerns about connectivity and security. Last year one in five organisations expected to move more than 40% of their business applications to the cloud; this year more than 15% already use cloud hosting for the majority of their applications. Three-quarters of organisations are using cloud hosting to some degree, three out of five still worry about ensuring application availability and security with off-site data centers.


“Recent high-profile cyber attacks have quickly elevated security discussions to the board-level at many organisations. This requires a fundamental shift in how security professionals think and communicate,” said Nimmy Reichenberg, Vice President of Marketing and Strategy, AlgoSec. “The survey results underscore the need for security teams to understand business requirements to ensure agility as well as to understand the impact of vulnerabilities on the business for effective risk mitigation.”


More than two-thirds of organisations have now implemented next-generation firewalls (NGFW), up from just over 40% two years ago, with the most commonly-used features being IPS, application control, URL filtering and advanced malware detection. With increased adoption has come greater awareness of the challenges associated with defining NGFW policies, which nearly a third of those surveyed (31.2%) said was now their main challenge.


 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...