Perimeter
2/25/2014
09:16 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Tufin Survey Reveals 91% Of Security Managers Are Under Pressure To Deliver Applications And Services Faster

More than three-quarters of respondents believe virtualization will have the biggest impact on security operations during next 12 to 18 months

Morristown, New Jersey, February 25, 2014: Tufin Technologies, the market-leading provider of Security Policy Orchestration solutions, today announced the results of a survey of169 security professionalson the current state of security operations. Conducted at Cisco Live! in Milan, Italy in January 2014, morethan 90% of the respondents reported that the on-demand nature of virtualization and the cloud has increased pressure on them to deliver applications and services faster. With more than three quartersof respondents believing virtualization will have the biggest impact on Security Operations over the next 12-18 months, the pace will only accelerate, underscoring the need for increased automation. In order to ensure security teamsremain agile and effective in light of the accelerated pace, Tufin, in separate releases also issued today,announcednew security,automation and orchestration capabilities and a partnership with IT automation software leader Puppet Labs.

Thesesurvey results complement the findings of a larger October 2013Tufin-commissioned survey in which 71% of more than 500 senior IT professionals found themselves having to adopt new processes, learn new technologies and interact with new people because of these same trends. TheCisco Live! attendeeresponses pointed toadditional problems being caused by the intense pace of change, highlighting several opportunities to improve Security Operations:

• Almost 90%felt that organizations rely too heavily on network security products and tools at the expense of good network architecture and design in order to deliver the optimum level of network security.

• Almost 40% reported that the biggest barrier to effective network security is network complexity while25% cited a lack of collaboration and another 20% cited the constant change occurring in today's networks as their biggest barriers.

• With this being the case, it comes as no surprise thatabout 89% of the respondents reported that between 20-60% of security policy changes in their organization need to be corrected after the fact.

• Another one-sixth reported that as much as60-80% of their organizations' security policy changes need to be redone.

"As previous surveys have confirmed, the role of security within Operations is expanding in order to deal with the network security challenges brought on by the cloud and virtualization," said Ruvi Kitov, Tufin CEO. "Thisleads to more and deeper collaboration with other IT groupsin order to integrate and automate security into areas such as network design, change processes and operational performance. Our customers tell us this is the best way to ensure next generation networks are efficient, agile and equipped to deal with next generation security concerns. We agree and believe intelligent change and process automation will become standardsas virtualization and the cloud become more pervasive."

Survey respondentsalso made it emphatically clear thatthe threat landscape itself is changingjust as quickly as corporate networks. When asked to name the three developments that will most greatly impact security operations over the next 12-18 months, advanced threats were the number one answer, nosing ahead of virtualization (number two) and the transition of mission critical enterprise apps to the cloud (number three).

However, the survey revealed that Security Operations teams are rising to the challenge. More than three-quarters believed their networks were more secure (55%) or just as secure (22%) than they were five years ago. Plus security teams identifiedthat automation would positively affect the accuracy of policy changes (33%), the lack of consistent processes across departments (25%), and the lack of network control(20%). This underscored the need for a complete automation suite designed to handle these issues with features such as topology mapping and one-click repair.

"It is clear that virtualization and the cloud deliver great benefits but also introduce greater complexity and unforeseen risks that must be addressed," said Kitov. "Our customers know that automation is necessary to properly safeguard today's networks and support the needs of the business. Tufin continues to add capabilities to our product suite to providethebest-of breed automation and orchestration solutions needed to deliver the efficiency, agility and collaboration required for their ongoing success."

About Tufin Technologies

Tufin® is the leader in Security Policy Orchestration, automating and accelerating network infrastructure changes while maintaining security and compliance. By improving network change processes, organizations using the Tufin Orchestration Suite&trade will have a positive impact on the business by reducing the time and cost spent implementing network changes by up to 80 %. Taking a holistic view of IT, the Tufin Orchestration Suite helps organizations automate security and efficiency into day-to-day operations, enabling them to be more agile and leverage technology to gain a competitive advantage. Founded in 2005, Tufin serves more than 1,300 customers in industries from telecom and financial services to energy, transportation and pharmaceuticals. Tufin partners with leading vendors including Check Point, Cisco, Juniper Networks, Palo Alto Networks, Fortinet, F5, Stonesoft, Blue Coat, McAfee and BMC Software, and is known for technological innovation and dedicated customer service.

For more information visit www.tufin.com, or follow Tufin on:

• Twitter: http://twitter.com/TufinTech

• Facebook: http://www.facebook.com/Tufintech

• LinkedIn: http://www.linkedin.com/companies/tufin-technologies

• BrightTalk: https://www.brighttalk.com/community/it-security/channel/9591

• YouTube: http://www.youtube.com/user/Tufintech

• The Tufin Blog: http://www.tufin.com/blog

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Title Partner’s Role in Perimeter Security
Title Partner’s Role in Perimeter Security
Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6090
Published: 2015-04-27
Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) DataMappingEditorCommands, (2) DatastoreEditorCommands, and (3) IEGEditorCommands servlets in IBM Curam Social Program Management (SPM) 5.2 SP6 before EP6, 6.0 SP2 before EP26, 6.0.3 before 6.0.3.0 iFix8, 6.0.4 before 6.0.4.5 iFix...

CVE-2014-6092
Published: 2015-04-27
IBM Curam Social Program Management (SPM) 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.6 requires failed-login handling for web-service accounts to have the same lockout policy as for standard user accounts, which makes it easier for remote attackers to cause...

CVE-2015-0113
Published: 2015-04-27
The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation...

CVE-2015-0174
Published: 2015-04-27
The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not properly handle configuration data, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

CVE-2015-0175
Published: 2015-04-27
IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly implement authData elements, which allows remote authenticated users to gain privileges via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.