Professionals Say Network Security is Getting Harder

Uploaded on 2019-07-18 in NEWS-Cybersecurity News, FREE TO VIEW

A  survey conducted by Bricata, a network security company, found 64% of security professionals said network security is getting harder and a fifth of all respondents it is getting significantly harder. 

That’s probably not surprising, but what’s more important is understanding “Why?” and twenty-nine respondents gave answers as to why security is getting harder. 

 

Here are those answers.

1) Attacks are more sophisticated.
Spending and awareness at the executive level continues to grow, however attacks and exploits are becoming increasingly more advanced and difficult to defend or protect from.
2) More vectors of attack. 
The risks to networks have become more significant from other attack vectors than a specific network intrusion. Some of those vectors are becoming harder to manage, can affect networks, but I wouldn’t refer to them solely as network security issues.
3) Organic network sprawl.
More things keep getting added to the network and more computer systems proliferate throughout offices with more vulnerabilities.
4) Business acquisitions and cloud add to the network.
Acquisitions have made it more challenging. Supporting both AWS and Microsoft Azure cloud services also testing our support limits as development rushes into this space headlong. Where responsibilities moved from a traditional hardware stack to Amazon Web Services (AWS). Network security in AWS is a whole new ballgame to learn.
5) Zero trust. 
The perimeter is now fluid. With the onset of mobile devices, IoT and remote workforce, end users are requiring access from anywhere, at any time with the same functionality provided from an office workstation on the network.
 And there have more deep hackings into previously thought solid safe spaces.
6) Lack of network visibility.
It’s due to moving services to clouds and using end-to-end encryption, it is not easy to see what is going on there.
7) Threat actor collaboration.
The bad guys are working together more than us good guys.
8) Training hasn’t kept pace with attacks. 
It doesn’t feel like training or education is keeping pace for defenders with what attackers are capable of doing.
9) Hackers have tools too.
Hackers are using more complex and comprehensive tools and internal users are seemingly less aware of what they do to reduce protection.
10) Third-party and supply chain threats
There is an increase in threats from third-party networks and IoT devices.
11) Ransomware variants. 
Ransomware variants are growing, and threats are evolving.
12) User error and complacency. 
Still having issues with user errors; challenges of attacks are getting more sophisticated.
Threats are not going away, and people are becoming to a point more complacent.
13) Security is playing catch up.
We are playing catch up because security wasn’t a priority with this company until recently.
14) State-sponsored attacks. 
An increase in threats, state-sponsored attacks.

Bricata:              Image: Nick Youngson

You Might Also Read:

Over 90% Of Security Pros Fear Insider Threats:

 

« US Cyber Strike On Iran Is A Step Change
Most Cyber Insurance Claims Result from Human Error »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Associates (CSA)

Cyber Security Associates (CSA)

Cyber Security Associates provides cyber consultancy and cyber managed services which help to detect, protect and educate against the ever-changing cyber threat.

Falanx Cyber

Falanx Cyber

Falanx Cyber provides enterprise-class cyber security services and solutions. We deliver end-to-end cyber capabilities, either as specific engagements or as fully-managed services.

First National Technology Solutions (FNTS)

First National Technology Solutions (FNTS)

First National Technology Solutions is a leading provider of flexible, customized hosted and remote managed services including IT security and compliance.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

ENVEIL

ENVEIL

ENVEIL’s technology is the first scalable commercial solution to cryptographically secure Data in Use.

Cyberra Legal Services (CLS)

Cyberra Legal Services (CLS)

Cyberra Legal Services provides cyber law advisory, cyber crime consultancy, cyber law compliance audit, cyber security, cyber forensics and cyber training services.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

ODSC

ODSC

ODSC is a security systems integrator that provides services and expertise in identity management and access.

UTMStack

UTMStack

UTMStack is a Unified Security Management system that includes SIEM, Vulnerability Management, Network and Host IDS/IPS, Asset Discovery, Endpoint Protection and Incident Response.

Athreon

Athreon

Athreon utilizes a fusion of AI technology, human interpretation, and the latest in cybersecurity to deliver sound business solutions that help our clients make better data-driven decisions.

CyberGuard Technologies

CyberGuard Technologies

CyberGuard Technologies provides a suite of fully managed end-to-end security services from its 24/7 UK security operations centre.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

CI-ISAC Australia

CI-ISAC Australia

CI-ISAC has been designed to support and promote existing legislation and Government initiatives that are working to uplift cyber resilience across critical infrastructure sectors.

TAFEcyber

TAFEcyber

TAFEcyber is an Australian based consortium focusing on the skilling of the fast-growing cyber security workforce through education and training.

Venticento

Venticento

Venticento is an IT company specialized in consulting and network support and assistance for companies that need to make their business processes more effective.

Codezero Technologies

Codezero Technologies

Codezero is at the forefront of microservices development, employing an identity-aware overlay network that delivers zero-trust security to DevOps.