Gartner's report Avoid These 'Dirty Dozen' Network Security Worst Practices names “shiny new object syndrome” as the first worst practice. The term refers to the tendency of IT security professionals to constantly seek new technological solutions to existing problems. Yet Gartner notes that, in many cases, cutting-edge technology products or services may not be the ideal solution. Furthermore, a similar impact may be achieved with “changes to policy/process [or] leveraging an existing technology...” I want to focus on this aspect after we look at some recent statistics.
A large portion of network security breaches are due to human error. According to Gemalto's Annual Breach Level Index, the majority of security breaches are caused by “malicious outsiders” (cyber attacks from outside the organization), followed by 25% caused by “accidental losses” due to human error. The report continues, “It's a bit perplexing that so many breaches could be caused by accident, and shows that companies need to do a better job of preventing mishaps that can lead to data loss.” IBM's annual Cyber Security Intelligence Index states, “What is fascinating—and disheartening—is that over 95% of all incidents investigated recognize 'human error' as a contributing factor.” And the most commonly cited form of human error is system misconfiguration.
So this means that having more control over your existing security products and technologies while minimizing human error has the potential to dramatically reduce your organization's risk level. It also means that you may only need to better utilize your existing network security systems to address the major cyber threats out there and minimize your attack surface.
By automating the configuration of security policies on your firewalls and routers, you can eliminate the human-error factor. This, of course, can be done based on an accurate understanding of the network and the security policies running on it. A comprehensive, proven solution such as the Tufin Orchestration Suite enables network security automation over the entire enterprise—across physical networks and hybrid cloud platforms. By automating security configuration changes, you not only remove the human-error factor from the security equation, you can also accelerate these configuration changes and increase your overall business agility.
So the bottom line is: first, make the most of the security infrastructure you have in place. Reduce the attack surface of your network by eliminating the human-error factor (and accelerate business while you're at it). Then you can start investigating new technologies and assess the incremental value they might bring to your overall security posture.