Examining the Dangers of Complexity in Network Security Environments

 
About the Survey

The “Dangers of Network Security Complexity 2012” survey was conducted to study the impact of complexity in network security environments, based on the numbers of vendors, devices, and rules in the environment.

AlgoSec invited security professionals to participate from a global database representing companies of different sizes, in a broad range of industries, and with various levels of complexity. No AlgoSec customers or partners were invited.

All survey respondents indicated that they have direct responsibility for administering/managing their organization’s network security environment.

The respondents in the final analysis represent 29 countries on 6 continents, across a wide range of industries including financial services, technology, consumer goods, transportation, healthcare, and government sectors.


Executive Summary

An online survey of 127 IT security professionals, with direct responsibility for managing their organizations’ network security environments, reveals that the complexity of multi-vendor environments correlates to more frequent system outages and security incidents. Surprisingly, most organizations still manage their environments manually—even large enterprises with hundreds of devices. Overall, the survey reveals a tremendous opportunity for security teams to reduce risk by simplifying and automating security management across their entire estates.


Key Highlights:

Complexity yields risk. A majority of respondents in midsized and enterprise organizations (55.3%) reported a security breach, system outage, or both, due to complex policies.
Too many policies yields complexity. “Too many policies to manage” is the leading challenge (43.7%) of managing multiple devices.

Too many vendors yields complexity. The leading challenge of managing an environment with multiple vendors is “different expertise is required for each vendor” (49.6%).
Manual management is still the norm. Nearly 75% of organizations manage their network security manually, even among the largest companies. 51.2% manage their devices manually through each vendor’s console. Another 23.6% manage their network security per device.

Consolidation would yield simplicity. Half of our respondents believe that the greatest benefit of consolidating network security vendors would be simplified management. Among those who manage network security devices manually using vendor consoles, this number is nearly 60%.
Source and Full Report:
http://www.algosec.com/resources/files/Specials/Survey%20files/12_10_11_security_complexity.pdf

0 yorum: