Legacy solutions failing to prevent attacks

Bromium has revealed the results of its “State of Security Report Card,” a survey of more than 100 information security professionals at the RSA Conference in San Francisco. The survey results reveal that legacy solutions such as firewalls and antivirus are failing to prevent attacks and address the priorities set by their CISOs.

  • 9 years ago Posted in

“The results of this survey serve as yet another proof point in a long line of data about the shortcomings of legacy security solutions,” said Clinton Karr, Sr. Security Strategist, Bromium. “Even if you cling to the belief that AV is not dead, the industry seems to be aware that it is in critical condition and is putting more stock in next-generation solutions.”


Specific findings from the “State of Security Report Card” include:
Organizations have room for improvement in prioritizing security – Bromium asked RSA conference attendees to grade their organizations on its ability to prioritize security by allocating the resources they require from A to F, and the majority gave their organizations a B or C:
A grade: 8 percent
B grade: 42 percent
C grade: 32 percent
D grade: 18 percent
F grade: Zero


Firewalls and Anti-virus are failing to prevent attacks – The survey asked RSA conference attendees to grade a variety of security solutions on their ability to prevent attacks and address the priorities set by their CISOs. Twenty percent of respondents gave firewalls a failing grade and 25 percent gave antivirus a failing grade. Among the most popular responses, 42 percent of respondents gave firewalls a B and 36 percent of respondents gave antivirus a C.


Next-generation solutions are performing above average – Next-generation firewalls, network sandboxes, endpoint isolation, host monitoring and threat intelligence solutions all performed well. None of these solutions were given a failing grade. Here is a breakdown of the most popular responses:
58 percent gave next-generation firewalls a B (17 percent gave it an A)
54 percent gave advanced threat protection/network sandboxes a B (20 percent gave it an A)
64 percent gave endpoint isolation/sandboxing/host monitoring a B (17 percent gave it an A)
44 percent gave threat intelligence a B (17 percent gave it an A)


Information Sharing Initiatives Show Promise; Face Hurdles – Bromium asked RSA conference attendees if their organizations would benefit from information sharing initiatives, such as those outlined in President Obama’s Executive Order, and if their organizations would participate. The overwhelming majority (78 percent) said they would benefit from information sharing initiatives, but less than half (48 percent) said they would participate. There is clearly a disconnect in these results, which suggest that information security professionals are concerned about how information sharing initiatives will aggregate and anonymize their organization’s data.
Survey Methodology

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...