Global Survey Shows Companies Are Using More Automation in Cybersecurity, But Still Have Work to Do
Even much-hyped technologies like artificial intelligence and machine learning are nascent, with minimal adoption globally
SAN JOSE, Calif., Aug. 28, 2018 (GLOBE NEWSWIRE) -- Skybox® Security, a global leader in cybersecurity management, has released the results of a global survey conducted by Osterman Research, Understanding Security Processes and the Need to Automate. The survey, which includes responses from 465 senior security leaders at large enterprises in the U.S., EMEA and APAC,* reveals trends in the use of security automation, as well as artificial intelligence (AI) and machine learning (ML). Survey questions focused on workflows in firewall and security policy management and vulnerability management.
Key findings included some surprises. For example, according to the results, APAC is ahead of the U.S. and EMEA in terms of automation for processes involved in the management of firewall rules and security policy — the automation of these processes is least common in EMEA. And despite being hyped at shows and in the media, technologies such as artificial intelligence and machine learning are still in early days, with few organizations using AI/ML in production — just four percent of respondents in EMEA, nine percent in the U.S. and 27 percent in APAC.
In general, the report reveals that companies worldwide are continuing to struggle with network security management, especially as those networks are growing more complex and increasing in size. Surprisingly, most are only partially automating workflows and processes to help overcome these challenges — but they do see the value and are looking to automate more in the future.
“Many organizations have significant deficiencies with regard to their firewall and security management,” said Michael Osterman, principal analyst of Osterman Research. “Most realize that they need to improve the way they manage security and policy, and they also realize that automating workflows and processes is key to these improvements.”
Additional insights from the report include the following:
- Cutting costs, making better use of skilled employees and network size/complexity are top drivers for automation — but that varies by region. In EMEA, 61 percent of respondents said cost was the number one driver; 43 percent said it was in the U.S. Surprisingly, only 35 percent in APAC ranked costs as the key driver for automation. They instead ranked the difficulty of managing the size and complexity of their network as the primary reason (43 percent), as well as being able to move skilled staff off mundane activities to higher value/skill security tasks (40 percent). The U.S. and EMEA also cited the challenges of managing network size and complexity as a heavy driver (42 percent and 38 percent respectively).
- Better visibility and context are still needed. Organizations are still deficient in understanding network context and having visibility of firewall and security policy, including why firewall rules exist: 37 percent in the U.S., 61 percent in EMEA and 47 percent in APAC said they had only “minimal or some understanding.” Even more surprising, respondents said they have only minimal or some understanding of how security changes impact their business: 49 percent in the U.S., 63 percent in EMEA and 39 percent in APAC. And it appears that identifying vulnerabilities continues to be a challenge, with 53 percent in the U.S., 63 percent in EMEA and 42 percent in APAC having only minimal or some understanding of what vulnerabilities exist on network devices.
- Security staff are bogged down with incident response processes, compliance management and making changes to the security infrastructure. The top things respondents said they spend a “substantial” amount of time on are: incident response triage/prioritization and compliance management for the U.S.; firewall configurations and out-of-process changes for EMEA; compliance management and security changes for APAC.
- Security teams need help, with most organizations admiting they need to make major improvements in how they manage security and policy. The biggest improvements are needed in how organizations decommission applications: 72 percent of respondents in the U.S., 67 percent in EMEA and 54 percent in APAC say they do it “poorly or moderately.” Security teams also need help pruning firewall rules so that rulesets do not become bloated, with 67 percent in the U.S., 78 percent in EMEA and 48 percent in APAC saying they do it “poorly or moderately.” Ironically, these are areas where automation can make a huge impact.
- Automation is an impetus for cloud migration. It’s no surprise that for many companies, migration to the cloud is having a significant impact on the automation of security policy changes. This is most notable in APAC where 43 percent of organizations said cloud is impacting the automation of security policy changes. Survey results also show that the vast majority of organizations are working on initiatives focused on security automation to support cloud environments.
“The good news: security leaders have started on their automation journey,” said Skybox Director of Product Marketing, Sean Keef. “However, the results of this survey show us that many companies have a long way to go. It seems security leaders are still trying to understand where they’re going to get the most value out of automation, while also ensuring they’re not putting the organization at risk. There are many areas, however, where it is absolutely essential to implement automation — and, in fact, where the automation reduces risk. For example, collecting/gathering data for attack surface visibility and modeling, network change management and rule life cycle management. Networks are simply becoming too large and complex to manage manually. If you’re not already working with a vendor in these areas, you should start looking for one.”
Click here to download the full report and to register for the September 18 webinar with Michael Osterman, click here. Michael will discuss further details of the survey and answer questions. Skybox will also present a short overview on how the Skybox® Security Suite can automate core security management workflows.
About Skybox Security
Skybox provides the industry’s broadest cybersecurity management platform to address security challenges within large, complex networks. By integrating with 120 networking and security technologies, the Skybox Security Suite gives comprehensive attack surface visibility and the context needed for informed action. Our analytics, automation and intelligence improve the efficiency and performance of security operations in vulnerability and threat management and firewall and security policy management for the world’s largest organizations.
© 2018 Skybox Security, Inc. All rights reserved. Skybox Security and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners. Product specifications subject to change at any time without prior notice.
OneChocolate for Skybox Security
United Kingdom: Daniel Couzens
+44 (0)20 7437 0227 | DanielC@onechocolatecomms.co.uk
Germany: Melanie Grasser
+49 (0)89 3888 920 10 | MelanieG@onechocolatecomms.de
France: Xavier Delhôme
+33 1 41 31 75 09 | email@example.com
*The survey was conducted in June 2018 with respondents knowledgeable about security policy management and related issues in organizations with a minimum of 1,000 employees.
One Liberty Plaza - 165 Broadway
NY 10006 New York
GlobeNewswire is one of the world's largest newswire distribution networks, specializing in the delivery of corporate press releases financial disclosures and multimedia content to the media, investment community, individual investors and the general public.
Følg saker fra GlobeNewswire
Registrer deg med din epostadresse under for å få de nyeste sakene fra GlobeNewswire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra GlobeNewswire
ADC Therapeutics Announces First Patient Dosed in Phase I Clinical Trial of ADCT-601 in Advanced Solid Tumors16.1.2019 07:00 | Pressemelding
Pyrrolobenzodiazepine-based antibody drug conjugate targets AXL, a receptor tyrosine kinase highly expressed in solid tumors LAUSANNE, Switzerland, Jan. 16, 2019 (GLOBE NEWSWIRE) -- ADC Therapeutics, an oncology drug discovery and development company that specializes in the development of proprietary antibody drug conjugates (ADCs), today announced that the first patient has been dosed in its Phase I clinical trial evaluating the safety, tolerability, pharmacokinetics and anti-tumor activity of ADCT-601 in patients with selected solid tumors that are locally advanced or metastatic. ADCT-601 is an ADC composed of a humanized monoclonal antibody against human AXL, conjugated using GlycoConnect™ site specific conjugation technology to a pyrrolobenzodiazepine (PBD) dimer toxin. In preclinical studies, ADCT-601 demonstrated potent and specific in vitro and in vivo anti-tumor activity in multiple cancer-derived models with different levels of AXL expression, and was stable and well tolerated
GSA Europe’s Managing Director Elected Co-lead of CEN’s TC456 Committee15.1.2019 21:12 | Pressemelding
SAN GWANN, Malta, Jan. 15, 2019 (GLOBE NEWSWIRE) -- GSA Europe’s Managing Director Mark Pace has been elected by the Comité Européen de Normalisation (CEN) to lead the creation of a European Union online gaming reporting standard. CEN has established Technical Committee 456 to create this standard in support of online gambling supervision. GSA Europe joined Technical Committee 456 as a Liaison Organization in 2017. The Technical Committee’s mandate from the European Commission is directly aligned with work that GSA Europe has already started, namely, to create a single standard set of data elements and single standard way in which data is provided by online gambling providers to EU Member State regulatory authorities. In addition to joining and now leading the Technical Committee’s work, GSA Europe also donated their draft Regulatory Data Set and Regulatory Reporting Interface to CEN seeking to help jump-start the Committee’s work. “Joining CEN’s TC456 as a Liaison Organization, and no
Orion Biotechnology Reports Positive Results for Colorectal Cancer in Preclinical Study15.1.2019 15:00 | Pressemelding
OTTAWA, Jan. 15, 2019 (GLOBE NEWSWIRE) -- Orion Biotechnology Canada Ltd., a developer of novel medical treatments, today announced preclinical data produced in collaboration with Charles River Laboratories, evaluating the efficacy of OB-002O (5P12-RANTES) in colorectal cancer. BALB/c mice were inoculated subcutaneously with the CT-26 colorectal cancer cell line. Three days after inoculation intraperitoneal treatment was started with OB-002O, a murine anti-PD-1 antibody, OB-002 + anti-PD-1, or saline placebo. Treatment was given daily or every third day. Treatment with OB-0020 alone led to statistically significant delayed tumor growth at multiple time-points. An even more profound effect on the decrease in mean tumor volume was observed in combination cohort where animals received both, OB-0020 and the anti-PD-1 antibody (p>0.05). “There is growing awareness of the role of CCR5 antagonism as an important component of cancer immunotherapy. OB-002O is an extremely potent CCR5 antagonist
Credit Suisse Partners with CGAP on Digital Finance to Catalyze Delivery of Energy, Water and other Services to Low Income People15.1.2019 14:08 | Pressemelding
Washington/Zurich, Jan. 15, 2019 (GLOBE NEWSWIRE) -- Credit Suisse, one of the world's leading financial services providers, is partnering with the Consultative Group to Assist the Poor (CGAP) to support its work in building inclusive and responsible financial systems that help people move out of poverty, protect their economic gains and advance the broader global development agenda. CGAP is a global partnership of more than 30 leading development agencies, private foundations and national governments committed to financial inclusion as a means toward expanding opportunities for poor people. Through their engagement, CGAP and Credit Suisse will capitalize upon and leverage each other’s knowledge to further financial inclusion and its contribution toward achieving the United Nations’ Sustainable Development Goals (SDGs). Among the projects that align well with Credit Suisse’s expertise are CGAP’s work on sustainable business models that use digital finance technologies to lower the cost
TrueCommerce Recognized as a Leader in IDC MarketScape for Worldwide Multi-Enterprise Supply Chain Commerce Network15.1.2019 14:00 | Pressemelding
-- “The vendor offers a true partnership for their customers and has become an extension of their internal staff and resources to manage their supply chains,” says the report -- PITTSBURGH, Jan. 15, 2019 (GLOBE NEWSWIRE) -- TrueCommerce, a global provider of trading partner connectivity, integration and unified commerce solutions , has announced today it was positioned in the Leaders category of the IDC MarketScape for Worldwide Multi-Enterprise Supply Chain Commerce Network report. The research states that TrueCommerce offers a broad set of supply chain applications that extend far beyond traditional data transportation. “Our investments into the cutting-edge unified commerce technology and customer care allowed the company to make this qualitative leap, and we are proud to be recognized by such a reputable global research firm as IDC,” said TrueCommerce president Ross Elliott. “The report advises companies to engage with a network vendor that is at least thinking about what tomorrow
UnionBank Launches First Fully Digital Branch in the Philippines15.1.2019 13:30 | Pressemelding
Appian Cloud Platform Enables Low-Code Rapid Application Development for Powerful Process Automation RESTON, Va. and SYDNEY, Australia , Jan. 15, 2019 (GLOBE NEWSWIRE) -- Appian (NASDAQ: APPN) announces that UnionBank of the Philippines used the Appian Platform to launch its first fully digital branch. The branch, called The Ark, completely transforms the customer experience, making that experience entirely digital, including internet-connected self-service kiosks and virtual reality boxes. Unlike traditional bank branches, The Ark has done away with rows of tellers and long queues, and gone completely paperless. Customers now go to one of the self-service iPad stands stationed around the bank, where they can type in their request, significantly reducing time previously spent waiting in queues for service. “The Ark is an award-winning digital branch that provides a modern experience for our clients within a traditional brick and mortar store,” said Anna Maria Aboitiz Delgado, Head for