SURVEY: Corporate networks under attack from many directions
The increase in Web apps, cloud, and IOT connections results in network security complexities for many local organisation, reveals ITWeb's Network Security survey.
Almost 40% of surveyed local organisations admit to not having any form of security for Internet of things (IOT) devices connected to their company network.
This is according to a Network Security Survey run by ITWeb in partnership with network security firm, Infoblox, aimed at finding out how South African organisations seek to avert cyber attacks on their network.
The survey largely made up of seniorlevel ICT decision-makers, reveals that the increase in Web applications, cloud, Software-as-a-Service offerings and IOT connections has resulted in security complexities for many local organisations.
As network speeds increase, it is important for organisations to have security tools that keep up with the demand, provide maximum security and give valuable insight into their network traffic.
Around 20% of respondents admitted to not having any form of security in place for their cloud based servers, while 18% have no data centre server security and 14% have no endpoint security outside their firewalls.
According to experts, all it takes for an attacker to gain access to an organisation's network is a rogue insider, a missing patch on a server that permits an unauthenticated command prompt or another backdoor path into the Web environment.
The majority (66%) of respondents use a combination of a virtual private network with end user protection software, to ensure protection of remote users, while just over a quarter (26%) integrate VPN into their company network.
Incident response time
When asked how quickly they can remediate security incidents, over a third (36%) said 'somewhat quickly', while 15 % said 'somewhat slowly'.
Rene Bosman, service provider and major account manager for Infoblox, says following a breach, every second counts in the race to mitigate damages.
"Critical for any security solution is reducing the time needed to mitigate a possible threat or attack on a network. It is also important to share the right information, at the right time, at the right place, and to the right team to address an attack or threat," he adds.
Over half of respondents (56%) have between one and five threat intelligence data feeds in use and just under a third (27%) have none in place.
The good news for customers is that when organisations were asked to rate their level of data security, most said they had taken the necessary steps to safeguard their important data, with (39%) rating their data centre information protection as 'good'; and 37% rating as good, their data stored in the cloud.
Data security is an important issue for businesses today, The Cyber security Insight Report conducted by CDW shows data loss emerged as a top security challenge facing medium and large organisations globally.
As a method to discover malware and infected end points in their network, over half (51%) use anti-virus end point security solutions, 14% installed a network and end point discovery tool, 5% have a zeroday protection solution while 22% use a combination of all three.
Of those organisations which have threat intelligence data feeds, almost a third have consolidated it into a security information and event management (SIEM) software solution.
While SIEM tools don't fully protect a corporate's IT environment against newly emerging cyber attacks, they play an important role in collecting security log events from numerous hosts within an enterprise and store the relevant data centrally. By bringing this log data together, these SIEM products enable centralised analysis and reporting on an organisation's security events.
The global network security market is estimated to grow at a substantial CAGR of 4.74% during the period 2017-2022, propelled by rising use of mobile devices and the increasing demand for integrated security solutions, according to research firm Radiant Insights.
Other factors propel in the growth of the market include the high acceptance of network solutions among enterprises, increasing data opening and the development of financially targeted cyber attacks is driving the acceptance of advance network security solutions.