“Lack of automation” revealed as underlying security challenge in digital transformation initiatives

FireMon has released its 2019 State of the Firewall report, which is seen as the annual benchmark of current issues in firewall management. The latest report finds that enterprises are slow to abandon manual processes, despite being short staffed, as the lack of automation, coupled with increasing network complexity and lack of visibility, contribute to costly misconfigurations and increased risk.

The 2019 State of the Firewall report features feedback from nigh on 600 respondents, including nearly 20% from the executive ranks, detailing ongoing firewall operations in the spectrum of digital transformation initiatives. With this analysis, FireMon maps the latest industry trends to reveal the pulse of the changing security policy management landscape.

“In an age of increasing data breaches caused by human error, it’s shocking to see the lack of automation being deployed to protect against preventable security threats,” said Tim Woods, vice-president of technology alliances for FireMon. “The new report shows that C-Suite executives and their security teams need more control and visibility over network security processes to fuel digital transformations and maintain regulation compliance. Adaptive automation tools can be the solution to these problems to provide new levels of control and visibility.”

Digital transformation initiatives

Micro-segmentation, zero trust, containers, SDN or cloud – no matter what you call it – all falls under the same Boardroom theme: digital transformation. Whether the goal is to be more agile or competitive or to super-charge the supply chain, digital transformation is the glue driving the mission to be more responsive while closing the gap on security. Highlighting this scenario, the 2019 State of the Firewall report reveals that cloud adoption is up significantly – 72% of respondents are managing some form of hybrid cloud environment today compared to the 53% cited in the 2018 report.

The mindset of the C-Suite has illuminated the core findings of this year’s report. Citing a variety of security process challenges in the network environment leading to misconfigurations, C-Suite respondents have shared the following feedback:

*e-mails and spreadsheets drive workflow: 38% of C-Suite respondents said that change management processes are ad hoc, such as using e-mail to send requests to firewall admins and spreadsheets to track network changes

*no clear view of security posture: Only 23% of those surveyed had at least 80% real-time visibility into network security risks and compliance

*outdated communications: 35% of respondents only found out about a misconfigured firewall causing issues through urgent phone calls, e-mails and texts

Not trending: automation adoption is slow

As automation proves its worth, and zero-touch automation makes headlines as the ideal end state, more than 65% of report respondents are still not using any form of automation to manage their security policies.

Meanwhile, human error based on manual processes, late-night change windows and overworked staff all drive network inaccuracies and misconfigurations leaving enterprises vulnerable to threats. 36% of respondents said that inaccuracies, misconfigurations or issues on the network account for 10-to-24% of the changes that require rework.

“Not only is zero-touch automation a buzzword, but most of our customers are looking for solutions that let them keep their hands on the wheel to control network security processes,” explained Jeff Styles, vice-president of global field engineering at FireMon. “Automation doesn’t need to mean ‘fully automatic’. The best solutions actually provide more adaptive control and visibility over networks and firewall operations.”

Network complexity: a major challenge

The growing complexity and lack of visibility when managing firewalls across on-premise, cloud and hybrid network environments continues to generate challenges and weaken the ability to comply with security and privacy regulations for enterprises. The 2019 State of the Firewall report has found that:

*the number of firewalls is increasing. Almost one-third had 100 or more firewalls in their environment and each with a growing set of rules to manage. Additionally, 34% had 50% or less real-time visibility into their network security risks and compliance, which creates a lack of visibility across systems and leads to gaps in enforcement

*having too many vendors creates unnecessary network complexity for management and approvals: 78% use two or more vendors for enforcement points on their network, almost 60% have firewalls deployed in the cloud and 72% have two or more teams involved in processing or approving a typical change request, which could be automated to improve efficiencies

Mindful automation: the missing solution

The 2019 State of the Firewall report’s findings on the lack of automation being used across the industry highlight the need to deploy this missing solution. Finding the correct approach of security automation for each enterprise helps to improve real-time visibility and control over network security processes and, importantly, aids compliance with regulations.

The best approach towards automation will enable an organisation to minimise human error, increase efficiency and close the gap between driving transformation initiatives and maximising security resources and agility.

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts