FireMon has released its 2019 State of the Firewall report, which is seen as the annual benchmark of current issues in firewall management. The latest report finds that enterprises are slow to abandon manual processes, despite being short-staffed, as the lack of automation, coupled with increasing network complexity and lack of visibility, contributes to costly misconfigurations and increased risk.
The 2019 State of the Firewall report features feedback from nigh on 600 respondents, including nearly 20% from the executive ranks, detailing ongoing firewall operations across the spectrum of digital transformation initiatives. With this analysis, FireMon maps the latest industry trends to reveal the pulse of the changing security policy management landscape.
“In an age of increasing data breaches caused by human error, it’s shocking to see the lack of automation being deployed to protect against preventable security threats,” said Tim Woods, vice-president of technology alliances for FireMon. “The new report shows that C-Suite executives and their security teams need more control and visibility over network security processes to fuel digital transformations and maintain regulation compliance. Adaptive automation tools can be the solution to these problems to provide new levels of control and visibility.”
Digital transformation initiatives
Micro-segmentation, zero trust, containers, SDN or cloud – no matter what you call it, it all falls under the same boardroom theme: digital transformation. Whether the goal is to be more agile or competitive or to super-charge the supply chain, digital transformation is the glue driving the mission to be more responsive while closing the gap on security. Highlighting this scenario, the 2019 State of the Firewall report reveals that cloud adoption is up significantly – 72% of respondents are managing some form of hybrid cloud environment today compared to the 53% cited in the 2018 report.
The mindset of the C-Suite has illuminated the core findings of this year’s report. Citing a variety of security process challenges in the network environment leading to misconfigurations, C-Suite respondents have shared the following feedback:
*e-mails and spreadsheets drive workflow: 38% of C-Suite respondents said that change management processes are ad hoc, such as using e-mail to send requests to firewall admins and spreadsheets to track network changes
*no clear view of security posture: Only 23% of those surveyed had at least 80% real-time visibility into network security risks and compliance
*outdated communications: 35% of respondents only found out about a misconfigured firewall causing issues through urgent phone calls, e-mails and texts
Not trending: automation adoption is slow
As automation proves its worth, and zero-touch automation makes headlines as the ideal end state, more than 65% of report respondents are still not using any form of automation to manage their security policies.
Meanwhile, human error based on manual processes, late-night change windows and overworked staff all drive network inaccuracies and misconfigurations, leaving enterprises vulnerable to threats. 36% of respondents said that inaccuracies, misconfigurations or issues on the network account for 10-to-24% of the changes that require rework.
“Not only is zero-touch automation a buzzword, but most of our customers are looking for solutions that let them keep their hands on the wheel to control network security processes,” explained Jeff Styles, vice-president of global field engineering at FireMon. “Automation doesn’t need to mean ‘fully automatic’. The best solutions actually provide more adaptive control and visibility over networks and firewall operations.”
Network complexity: a major challenge
The growing complexity and lack of visibility when managing firewalls across on-premise, cloud and hybrid network environments continue to generate challenges and weaken enterprises' ability to comply with security and privacy regulations. The 2019 State of the Firewall report has found that:
*the number of firewalls is increasing: almost one-third had 100 or more firewalls in their environment, each with a growing set of rules to manage. Additionally, 34% had 50% or less real-time visibility into their network security risks and compliance, which creates a lack of visibility across systems and leads to gaps in enforcement
*having too many vendors creates unnecessary network complexity for management and approvals: 78% use two or more vendors for enforcement points on their network, almost 60% have firewalls deployed in the cloud and 72% have two or more teams involved in processing or approving a typical change request, which could be automated to improve efficiencies
Mindful automation: the missing solution
The 2019 State of the Firewall report’s findings on the lack of automation being used across the industry highlight the need to deploy this missing solution. Finding the correct approach to security automation for each enterprise helps to improve real-time visibility and control over network security processes and, importantly, aids compliance with regulations.
The best approach towards automation will enable an organisation to minimise human error, increase efficiency and close the gap between driving transformation initiatives and maximising security resources and agility.