Convoluted Security Processes Hamper Productivity

 
 
By Karen A. Frenkel  |  Posted 04-22-2014 Email Print this article Print
 
 
 
 
 
 
 
 

A lack of visibility, time-consuming manual processes, poor change management practices and an abundance of applications are challenging IT security, network operation teams, and application owners, according to a new AlgoSec study. The security policy management firm conducted the survey, "State of Network Security 2014: Attitudes and Opinions," of 142 information security and network operations professionals during this year's RSA conference. "The survey results underscore the need for security teams to understand business requirements to ensure agility as well as to understand the impact of vulnerabilities on the business for effective risk mitigation," says AlgoSec Vice President Nimmy Reichenberg. By lacking an easy way to make changes in applications or to determine their impact on other applications, enterprises risk outages, the report notes. Data centers handle hundreds and sometimes thousands of applications, so the need for frequent out-of-process changes compounds the problem. The large number of applications in data centers means organizations must involve security management people both inside and outside, thereby increasing risk. To read the full report, click here.

 
 
 
  • Convoluted Security Processes Threaten Productivity

    Manual processes, limited visibility into security policies, and poor change management practices are the greatest challenges to managing network security, according to 66% of respondents.
    Convoluted Security Processes Threaten Productivity
  • Out-Of-Process Changes Increase

    More than 80% of respondents report network or application outages due to out-of-process changes, up from over 50% in 2012.
    Out-Of-Process Changes Increase
  • Insiders, Third-Parties Pose Security Risks

    75% of respondents rate accidental data leakage and malicious insider behavior as their main risks, up from 66% last year.
    Insiders, Third-Parties Pose Security Risks
  • A Crisis of Confidence

    50% of respondents who outsource the management of security controls or sensitive information are not confident in their provider's ability to protect their data.
    A Crisis of Confidence
  • Cloud Adoption Rising

    Despite concerns about productivity and security, slightly more than 15% of respondents use cloud hosting for most of their applications.
    Cloud Adoption Rising
  • Poor Communication Hurts

    20% of respondents cite poor communication as existing across development, security and operations groups, more than double the increase from last year.
    Poor Communication Hurts
  • Critical Applications Reside in Data Centers

    Three in five respondents say their data center includes more than 50 critical business apps. One in five respondents is responsible for more than 500 business apps.
    Critical Applications Reside in Data Centers
  • A Plethora of Apps Obscures Vulnerabilities

    The majority of organizations struggle to identify vulnerabilities and understand them in the context of their business. Almost all respondents say business stakeholders should manage the risks of their own applications.
    A Plethora of Apps Obscures Vulnerabilities
 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date