AlgoSec's European 2013 State of Network Security Report, based on a survey of 130 IT security and network operations professionals in April 2013, also showed that threats from internal sources were a major concern for organisations. Employees accidentally jeopardising security through data leaks or similar errors ranked as the greatest concern for 48% of survey respondents, followed by financially-motivated hackers (24%).
Managing BYOD is also creating additional challenges for IT departments, with respondents saying that employees connecting their own devices to the corporate network increased the risk of security breaches (65%) and network outages (24%).
Key findings from "The State of Network Security 2013: European Edition" report include:
• NGFWs enhance security but add to management issues – 36% of organisations had implemented a NGFW with the objective of either improving protection from attacks or reducing IT spend (compared with 57% in Algosec's US 2013 Network Security Report, published earlier this year). However, 57% of respondents said the adoption of NGFWs had increased their firewall management workload. 70% of respondents reported having to make more changes to their NGFWs than traditional firewalls (compared with 46% of US-based respondents).
• Manual processes & poor visibility have a significant impact on security – 69% of respondents said that time-consuming, manual processes and a lack of visibility into security policies create significant risk in managing network devices. This compares with 60% from Algosec's recent US survey.
• Outages from out-of-process changes – nearly 77% of respondents reporting a network or application outage resulting from an out-of-process change, with 20% of respondents reporting a data breach as a result. Over 72% suffered an outage or security breach due to an application-related rule change. These figures corresponded closely to Algosec's US survey findings.
• Internal threats cause concern – nearly 63% of respondents flagged internal threats (accidental or malicious) as a concern. A further 65% stated that allowing employees to connect their own devices to the corporate network increased the risk of security breaches. These figures correspond closely to Algosec's US survey.
• Low take-up for cloud security – under 15% of respondents said that the majority of their organisation's security controls were in the cloud, with larger organisations less likely to have cloud-based security. This was even lower than the 20% of US organisations deploying cloud-based security solutions.
"Organisations are struggling to manage increasingly complex networks – both from a security and operational perspective," said Paul Clark, AlgoSec's Regional Director for UK, Ireland, South Africa & Middle East. "Based on the survey results, it's clear that the biggest challenges for InfoSec and IT teams come with manual processes and poor visibility, which continue to expose organisations to the risk of outages and security breaches, often caused by their own employees and processes.
"Even those that have adopted Next-Generation Firewalls report that increased security comes at the price of more changes, more policies to manage and more complexity. However, moving away from manual processes and toward automated, centralised management of processes and policies will help organisations to fully realise the potential of NGFWs to improve overall security and reduce costs."
To read the full report, visit: http://www.algosec.com/en/resources/network_security_2013