Professionals Say Network Security is Getting Harder

Uploaded on 2019-07-18 in NEWS-Cybersecurity News, FREE TO VIEW

A  survey conducted by Bricata, a network security company, found 64% of security professionals said network security is getting harder and a fifth of all respondents it is getting significantly harder. 

That’s probably not surprising, but what’s more important is understanding “Why?” and twenty-nine respondents gave answers as to why security is getting harder. 

 

Here are those answers.

1) Attacks are more sophisticated.
Spending and awareness at the executive level continues to grow, however attacks and exploits are becoming increasingly more advanced and difficult to defend or protect from.
2) More vectors of attack. 
The risks to networks have become more significant from other attack vectors than a specific network intrusion. Some of those vectors are becoming harder to manage, can affect networks, but I wouldn’t refer to them solely as network security issues.
3) Organic network sprawl.
More things keep getting added to the network and more computer systems proliferate throughout offices with more vulnerabilities.
4) Business acquisitions and cloud add to the network.
Acquisitions have made it more challenging. Supporting both AWS and Microsoft Azure cloud services also testing our support limits as development rushes into this space headlong. Where responsibilities moved from a traditional hardware stack to Amazon Web Services (AWS). Network security in AWS is a whole new ballgame to learn.
5) Zero trust. 
The perimeter is now fluid. With the onset of mobile devices, IoT and remote workforce, end users are requiring access from anywhere, at any time with the same functionality provided from an office workstation on the network.
 And there have more deep hackings into previously thought solid safe spaces.
6) Lack of network visibility.
It’s due to moving services to clouds and using end-to-end encryption, it is not easy to see what is going on there.
7) Threat actor collaboration.
The bad guys are working together more than us good guys.
8) Training hasn’t kept pace with attacks. 
It doesn’t feel like training or education is keeping pace for defenders with what attackers are capable of doing.
9) Hackers have tools too.
Hackers are using more complex and comprehensive tools and internal users are seemingly less aware of what they do to reduce protection.
10) Third-party and supply chain threats
There is an increase in threats from third-party networks and IoT devices.
11) Ransomware variants. 
Ransomware variants are growing, and threats are evolving.
12) User error and complacency. 
Still having issues with user errors; challenges of attacks are getting more sophisticated.
Threats are not going away, and people are becoming to a point more complacent.
13) Security is playing catch up.
We are playing catch up because security wasn’t a priority with this company until recently.
14) State-sponsored attacks. 
An increase in threats, state-sponsored attacks.

Bricata:              Image: Nick Youngson

You Might Also Read:

Over 90% Of Security Pros Fear Insider Threats:

 

« US Cyber Strike On Iran Is A Step Change
Most Cyber Insurance Claims Result from Human Error »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Altius IT

Altius IT

Altius IT reviews your website for security vulnerabilities and provides a report identifying vulnerabilities and recommendations to make secure.

mnemonic

mnemonic

mnemonic helps businesses manage their security risks, protect their data and defend against cyber threats.

Deltagon

Deltagon

Deltagon develops information security solutions to protect companies’ confidential information in e-communication and e-services.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

Radically Open Security

Radically Open Security

Radically Open Security is the world's first not-for-profit computer security consultancy company.

Solidified

Solidified

Solidified is the largest audit platform for smart contracts. Our community has the highest concentration of top Blockchain security specialists and best-in-class code auditors.

ZecOps

ZecOps

ZecOps is a cybersecurity automation company offering solutions for servers, endpoints, mobile devices, and custom devices.

ABCsolutions

ABCsolutions

ABCsolutions is dedicated to assisting businesses and professionals achieve compliance with federal anti-money laundering regulations in an intelligent and pragmatic way.

Securolytics

Securolytics

Securolytics offers the simplest, most complete and affordable IoT security for all organizations. Securolytics quickly identifies unmanaged devices to reduce security and compliance risks.

Recon InfoSec

Recon InfoSec

The Recon InfoSec team includes analysts, architects, engineers, intrusion specialists, penetration testers, and operations experts.

Positiwise Software Pvt Ltd

Positiwise Software Pvt Ltd

Positiwise Software offers end-to-end software development solutions to accelerate the digital growth of businesses.

Black Belt Secure

Black Belt Secure

We provide critical cybersecurity services such as managed security, ransomware mitigation, penetration testing, system auditing and compliance services to your organization.

Stern Cybersecurity

Stern Cybersecurity

Stern Cybersecurity offers a robust defense against the ever-evolving landscape of digital threats.

Cyber Castle

Cyber Castle

Linux Demands Sophisticated, Purpose-Built Security. Cyber Castle is the solution. A safe, deployable platform down to the edge device for monitoring Linux security anywhere across the globe.