Most security professionals say network security is harder this year when compared to last year – according to a survey we recently conducted. When asked “why?” respondents pointed to a range of challenges.
Some of those included the following:
- “Increase in threats from third-party networks and IoT devices.”
- “Hackers are using more complex and comprehensive tools and internal users seemingly are less aware of what they do to reduce protection.”
- “More things keep getting added to the network, with more vulnerabilities.”
Clearly, some challenges bear more weight than others and we aimed to quantify or rank which concerns security professionals deemed most important. When presented with a list of well-defined problems in network security, respondents identified the top challenges as follows:
1) Insider threats – 44%
2) IT infrastructure complexity – 42%
3) Absence of leader support – 40%
4) Lack of tool interoperability – 37%
5) Shadow IT – 31%
6) Weak controls for privileged access – 29%
7) Cloud visibility – 28%
8) BYOD – 26%
9) Too many alerts – 22%
10) Too many tools – 18%
While “insider threats” ranked as the top challenge, in our assessment, and considering the entire survey and comments from respondents, these are not necessarily malicious. Instead, this category likely includes accidental incidents set off by well-intended users inside the network.
It’s important to note that no single challenge drew a majority of responses. This underscores the diversity of problems facing network security which can vary by industry, IT environment and perhaps organizational culture.
3 Ways to Address Some of the Top 10 Network Security Challenges
The diversity of challenges reinforces the notion that there isn’t a single solution that will solve every security problem. However, there are reasonable steps security leaders can take as part of an overall layered security posture.
1) Segment your network.
Insider threats are a good reason to segment your network and protect sensitive data from both malicious and accidental events. Instrument those segments with comprehensive threat detection deployed at a central point. Look for modern technologies that include stateful anomaly detection to identify suspicious behaviors. In addition, be sure to adjust detection rules and policies to accommodate for the variations in traffic behavior you are likely to see from internal vs. external threats.
2) Bring context to alerts.
A key challenge with security alerts is the overwhelming volume. The survey showed the deluge of alerts can exceed the capacity of security teams: they can’t investigate them all. A solution is to look for tools that provide ways to filter and prioritize alerts based on your unique environment. Tools that enable security to correlate network metadata directly with alerts brings to bear context that reduces time-to-detection and minimizes false positives.
3) Cybersecurity integration and data interoperability.
The fourth and tenth challenge on the list – too many tools and data interoperability – are closely related. Our analysis of the data suggests it’s not so much that organizations have too many tools, it’s that some tools make it difficult to share data. This requires security analysts to switch from one console to the next to detect threats, which is a manual and time-consuming task. More importantly, manual efforts invite human error and gaps for adversaries to exploit. Look for cybersecurity tools that openly embrace integration and provide ways for analysts to share data and get greater visibility of the network and potential threats.
Also see: 3 Reasons Why the Integration of Cybersecurity Tools is a Growing Imperative
* * *
The Bricata platform provides full spectrum threat detection and can, in fact, help with all the suggestions above and much more. If you’d like to learn more, be sure to check out our 90-second explainer video or request a live demonstration.
Separately, the full survey report – The Top Challenges in Network Security for 2019 – is freely available to view or download on SlideShare. We’d welcome your questions, comments and suggestions about the survey so please feel free to contact us or share your ideas with us on Twitter: @BricataInc.
If you enjoyed this post, you might also like:
Network Security: Why it’s Harder for Threats to Hide Behavior