Network segmentation is a critical practice for enhancing security and ensuring operational resilience, and Omdia’s proactive security survey (1Q24) shows high levels of confidence in the capabilities of routers, switches, and firewalls to enable this segmentation. Unfortunately, the same survey also indicates a disparity between this confidence and the actual assessment practices employed to secure these devices.
Network segmentation enhances performance, significantly improves security, and is a key requirement for enabling zero trust strategies. Routers, switches, and firewalls serve as the foundational elements of a segmented network.
Our proactive security survey revealed that most organizations express high confidence in the security capabilities of their network security devices, believing that routers, switches, and firewalls are robust and secure.
This confidence often stems from the inherent security features these devices possess and the trust placed in well-established manufacturers. Sometimes, just knowing you have a solution in place is enough to offer peace of mind. However, this confidence in the devices' capabilities may translate to less-than-rigorous assessment practices. But as we know, configuration drift and new device vulnerabilities can degrade security posture.
While organizations may invest heavily in sophisticated network hardware, the assessment practices for these devices often lag. Confidence in security controls is not necessarily misplaced, but it is true that you can’t manage (or secure) what you don’t measure. Organizations are surprisingly confident in the security afforded by these devices considering the limited visibility they have into these network assets and the relatively long cadence they employ on assessing the security posture of these devices. A more proactive approach to assessment can limit these concerns.
|
Visibility: Every device across the entire attack surface |
Cadence: Assess for network security risks proactively in response to any configuration changes |
|
|
Firewalls |
34% |
5% |
|
Switches |
22% |
8% |
|
Routers |
21% |
11% |
N=405 global decision makers
Omdia defines proactive security solutions as those which search for indictors of exposure, validate those exposures, and recommend and perform actions to eliminate or mitigate those exposures before they are exploited. Attack surface management, risk-based vulnerability management, security posture management, incident simulation and testing, penetration testing, and red teaming are typically classified as proactive security measures.
Network device configurations are an imperative component of security posture management. The need to correctly configure network devices, particularly externally facing devices, in a secure state (and then maintain that state) is a critical component of attack surface reduction and effective risk management. Thankfully, organizations seem dedicated to security posture improvements – 47% say reducing the opportunity for threats with proactive security is a key objective for the next year.
Proactively securing network devices is not just a best practice; it's a necessity for operational resilience. Proactive security:
It is not enough to simply be confident in the security of routers, switches, and firewalls – it must be backed in practice by rigorous assessment practices to ensure true operational resilience. Proactively securing these network devices through regular assessments, configuration management, and other best practices is essential to protect against evolving threats and maintain a robust, resilient network infrastructure. By bridging the gap between confidence and practice, organizations can safeguard their networks and ensure continuous, secure operations.
For more information, check out our whitepaper: Emerging Best Practise in the Use of Proactive Security Systems