Professionals Say Network Security is Getting Harder

A  survey conducted by Bricata, a network security company, found 64% of security professionals said network security is getting harder and a fifth of all respondents it is getting significantly harder. 

That’s probably not surprising, but what’s more important is understanding “Why?” and twenty-nine respondents gave answers as to why security is getting harder. 

 

Here are those answers.

1) Attacks are more sophisticated.
Spending and awareness at the executive level continues to grow, however attacks and exploits are becoming increasingly more advanced and difficult to defend or protect from.
2) More vectors of attack. 
The risks to networks have become more significant from other attack vectors than a specific network intrusion. Some of those vectors are becoming harder to manage, can affect networks, but I wouldn’t refer to them solely as network security issues.
3) Organic network sprawl.
More things keep getting added to the network and more computer systems proliferate throughout offices with more vulnerabilities.
4) Business acquisitions and cloud add to the network.
Acquisitions have made it more challenging. Supporting both AWS and Microsoft Azure cloud services also testing our support limits as development rushes into this space headlong. Where responsibilities moved from a traditional hardware stack to Amazon Web Services (AWS). Network security in AWS is a whole new ballgame to learn.
5) Zero trust. 
The perimeter is now fluid. With the onset of mobile devices, IoT and remote workforce, end users are requiring access from anywhere, at any time with the same functionality provided from an office workstation on the network.
 And there have more deep hackings into previously thought solid safe spaces.
6) Lack of network visibility.
It’s due to moving services to clouds and using end-to-end encryption, it is not easy to see what is going on there.
7) Threat actor collaboration.
The bad guys are working together more than us good guys.
8) Training hasn’t kept pace with attacks. 
It doesn’t feel like training or education is keeping pace for defenders with what attackers are capable of doing.
9) Hackers have tools too.
Hackers are using more complex and comprehensive tools and internal users are seemingly less aware of what they do to reduce protection.
10) Third-party and supply chain threats
There is an increase in threats from third-party networks and IoT devices.
11) Ransomware variants. 
Ransomware variants are growing, and threats are evolving.
12) User error and complacency. 
Still having issues with user errors; challenges of attacks are getting more sophisticated.
Threats are not going away, and people are becoming to a point more complacent.
13) Security is playing catch up.
We are playing catch up because security wasn’t a priority with this company until recently.
14) State-sponsored attacks. 
An increase in threats, state-sponsored attacks.

Bricata:              Image: Nick Youngson

You Might Also Read:

Over 90% Of Security Pros Fear Insider Threats:

 

« US Cyber Strike On Iran Is A Step Change
Most Cyber Insurance Claims Result from Human Error »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

SK-CERT

SK-CERT

SK-CERT National Computer Computer Emergency Response Team of Slovakia.

BPC Banking Technologies

BPC Banking Technologies

BPC’s advanced fraud prevention solution helps card issuers and acquirers combat the growing threat by monitoring 100% of transactions, online, in real-time across all channels.

Havelsan

Havelsan

HAVELSAN is a leading technology company in Turkey developing indigenous systems for domestic and foreign military, public and private sector clients.

KOVRR

KOVRR

Kovrr financially quantifies cyber risk on demand. Our technology enables decision makers to seamlessly drive actionable cyber risk management decisions.

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

SWEDAC is the national accreditation body for Sweden. The directory of members provides details of organisations offering certification services for ISO 27001.

Intrinium

Intrinium

Intrinium is an Information Technology and Security Solutions company, providing comprehensive consulting and managed services to businesses of all sizes.

Intechtel

Intechtel

Intechtel is a cyber security company, in addition to providing other internet, technology and telephone services.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

UK Cyber Security Association (UKCSA)

UK Cyber Security Association (UKCSA)

The UK Cyber Security Association (UKCSA) is a membership organisation for individuals and organisations who actively work in the cyber security industry.

SOOS

SOOS

SOOS is the easy-to-integrate software security solution for your whole team. Build, catch, and fix vulnerabilities with SOOS Software Composition Analysis.

ThreatFabric

ThreatFabric

ThreatFabric integrates industry-leading threat intel, behavioral analytics, advanced device fingerprinting and over 10.000 adaptive fraud indicators.

Beaming

Beaming

Beaming is an established Internet Service Provider for businesses across the UK. We deliver reliable voice, data and managed services, including cybersecurity.

Revytech

Revytech

Revytech is a tech company providing services in a broad range of areas including IT operations, cyber security and network engineering.

SixMap

SixMap

SixMap is a continuous threat exposure management platform that automatically provides comprehensive enterprise visibility, contextual threat intelligence, and a suite of remediation actions.

Graphiant

Graphiant

Graphiant’s Data Assurance service gives businesses end-to-end control and visibility into how data travels throughout the entire business network.

Red Alpha Cybersecurity

Red Alpha Cybersecurity

At Red Alpha, we specialize in recruiting and rigorously training individuals passionate about cybersecurity.