Uncovering the Dangers of Network Security Complexity
As security threats become more sophisticated and as new technologies are being adopted, IT security is only becoming more complex and difficult to manage. Renowned security expert Bruce Schneier recently stated that “complexity is the worst enemy of security.” More security devices and vendors (and in turn policies) are not necessarily better when it comes to your network security environment.
We recently conducted a survey of 127 IT security professionals worldwide to study the impact of complexity in network security environments, based on the number of vendors, devices and rules in the environment. It identified operational challenges and risks faced by organizations and revealed opportunities to reduce risk and simplify security policy management.
Results showed that more than half of the survey respondents from mid-sized (identified as 50-2500 employees) and enterprise organizations (identified as 2500+ employees) stated that complex policies ultimately led to a security breach, system outage or both.
Think about this for a minute. In our attempts to defend the network and critical assets from cyber threats, we have fallen into the trap of bolting on more and more security layers and policies. The result is that we’ve increased the level of complexity within the environment to the point where we have actually created risk because of human errors, misconfigurations, etc. It is vital to get a view of all of the security policies across all of the different devices and vendors so that you can understand where your gaps are, not just by device or policy, but as a whole. Also, you should always consider what is already in place and see if there are current policies that need to evolve or be removed before you add on more layers or policies.
Other survey findings showed that too many policies and too many vendors cause complexity. Among survey respondents, 44% noted that “too many policies to manage” was a top challenge for IT security professionals when managing multiple devices. Results also showed that half of the respondents stated that a top challenge in managing multiple vendors in the environment was that “different expertise is required for each vendor”. This is interesting considering that 95% of organizations use network security devices from multiple vendors. Even as more policies, vendors and devices have been added to increasingly complex environments, an estimated 75% of organizations still manually manage network security.
While this survey may make some IT security professionals a bit uneasy and concerned about the dangers of network security policy, it does offer insight into mitigating this complexity challenge. Automation and consolidation are two valid ways to simplify network security policy management and reduce the risk of misconfiguration. It’s time to rethink how we manage network security and realize that sometimes less is more.