AlgoSec Says Insiders are the Biggest Security Threat
When the comic strip Pogo famously declared in 1970 that "We have met the enemy and he is us," it was a commentary on human nature. But it also describes the current state of IT security in the channel, according to new research released by AlgoSec that says many of the greatest dangers is internal -- which is an interesting conclusion for a major firewall management vendor to draw.
When the comic strip Pogo famously declared in 1970 that "We have met the enemy and he is us," it was a commentary on human nature. But it also describes the current state of IT security in the channel, according to new research released by AlgoSec that says many of the greatest dangers is internal—which is an interesting conclusion for a major firewall management vendor to draw.
Of course, AlgoSec does more than just firewalls. Its focus is on integrated, comprehensive security management and automation solutions that span across routers, VPNs, firewalls and devices.
But AlgoSec's latest report, "The State of Network Security 2013: Attitudes and Opinions," suggests that firewalls—and many of other traditional security tools—are of only limited value in an environment where "the greatest risk is from within." Major takeaway points from the report, which was based on a survey of 179 security professionals during the RSA Conference back in February, include:
- 64.5 percent of respondents said insiders—whether careless employees who accidentally put private data at risk, or malicious ones—represent the greatest security risk. About the same number cited the increasing bring-your-own-device trend, which encourages employees to add their own hardware to the enterprise network without necessarily vetting its security, as another source of internal threats to data and privacy.
- The cloud remains a major hole in many enterprise security strategies. According to the report: "Less than 20 percent of respondents said that the majority of their organization’s security controls were in the cloud. And, the larger the organization, the less likely it was to have cloud-based security."
- Adoption of "next-generation" firewalls has reached 57 percent, compared to 41.2 percent in 2012. That means more organizations have robust protection against outside threats—but also that managing firewalls, which are now more complex, places a greater strain on IT staff, according to survey respondents.
These points, combined with the other key findings available in the full report, suggest security concerns are shifting. In the past, weak firewalls let outside intruders wreak havoc. Now, with stronger firewalls in place, security breaches are more likely to start within the enterprise, in places such as personal employee devices that may not be well-secured or the cloud.
All of this means VARs and other partners in the channel should start shifting their strategies when it comes to beefing up security. The threats are still there—no doubt about that—but their nature is changing, and traditional approaches for mitigating them will cease to be adequate. A lot of opportunity exists for organizations that can respond effectively to these new challenges, as AlgoSec itself doubtless plans to do in light of its findings.