Network complexity and lack of visibility contribute to misconfigurations and increased risk
Enterprises are slow to abandon manual processes, despite being short staffed, as the lack of automation, coupled with increasing network complexity risk and lack of visibility contribute to costly misconfigurations and increased risk, a FireMon report reveals.
The report features feedback from nearly 600 respondents, including 20% from the executive ranks, detailing ongoing firewall operations in the spectrum of digital transformation initiatives.
“In an age of increasing data breaches caused by human error, it is shocking to see the lack of automation being deployed to protect against preventable security threats,” said Tim Woods, VP of Technology Alliances for FireMon.
“The new State of the Firewall report shows that C-level executives and their security teams need more control and visibility over network security processes to fuel digital transformations and maintain regulation compliance. Adaptive automation tools can be the solution to these problems to provide new levels of control and visibility.”
Digital transformation initiatives amplify security challenges
Micro-segmentation, zero trust, containers, SDN, or cloud – no matter what you call it – all falls under the same boardroom theme: digital transformation. Whether the goal is to be more agile, competitive or super-charge the supply chain, digital transformation is the glue driving the mission to be more responsive while closing the gap on security.
Highlighting this scenario, the report reveals that cloud adoption is up significantly – 72% of respondents are managing some form of hybrid cloud environment today, compared to the 53% cited in the 2018 report.
The mindset of the C-suite illuminated the core findings of this year’s report. Citing a variety of security process challenges in the network environment leading to misconfigurations, C-level respondents shared the following feedback:
- Emails & spreadsheets drive workflow: 38% of C-level respondents said that change management processes are ad hoc, such as using email to send requests to firewall admins and spreadsheets to track network changes.
- No clear view of security posture: Only 23% had at least 80% real-time visibility into network security risks and compliance.
- Outdated communications: 35% of respondents only found out about a misconfigured firewall causing issues through urgent phone calls, emails and texts.
Automation adoption is slow
As automation proves its worth, and zero-touch automation makes headlines as the ideal end state, more than 65% of report respondents are still not using any form of automation to manage their security policies.
Meanwhile, human error based on manual processes, late-night change windows and overworked staff drives network inaccuracies and misconfigurations leaving enterprises vulnerable to threats. 36% of respondents said that inaccuracies, misconfigurations or issues on the network account for 10 to 24% of the changes that require rework.
“Not only is zero-touch automation a buzzword, most of our customers are looking for solutions that let them keep their hands on the wheel to control network security processes,” said Jeff Styles, VP of Global Field Engineering at FireMon.
“Automation doesn’t need to mean fully automatic, and the best solutions actually provide more adaptive control and visibility over networks and firewall operations.”
Network complexity risk
The growing complexity and lack of visibility when managing firewalls across on-premise, cloud and hybrid network environments continue to generate challenges and weaken the ability to comply with security and privacy regulations for enterprises.
The number of firewalls is increasing. Almost one-third had 100 or more firewalls in their environment and each with a growing set of rules to manage. Additionally, 34% had 50% or less real-time visibility into their network security risks and compliance, which creates a lack of visibility across systems and leads to gaps in enforcement.
Having too many vendors creates unnecessary network complexity risk for management and approvals:
- 78% use two or more vendors for enforcement points on their network.
- Almost 60% have firewalls deployed in the cloud.
- 72% have two or more teams involved in processing or approving a typical change request, which could be automated to improve efficiencies.
Mindful automation is the missing solution
The report’s findings on the lack of automation being used across the industry highlight the need to deploy this missing solution. Finding the correct approach of security automation for each enterprise helps to improve real-time visibility and control over network security processes and to comply with regulations.
The best approach to automation will enable an organization to minimize human error, increase efficiency and close the gap between driving transformation initiatives and maximizing security resources and agility.