Survey Indicates Network Access Control Perceived as Most Effective Security Technology to Defend Against Cyberthreats
February 2014 by ForeScout
The “2014 Cyberthreat Defence Report” found that respondents rated network access control (NAC) highest of all the security technologies in its potential to defend against today’s cyberthreats and that 77 percent of IT professionals are using or plan to use NAC for mobile security. The survey also showed the compelling need for continuous monitoring and mitigation; more than 60 percent of participants had been breached in 2013, with a quarter of all participants citing a lack of employer investment in adequate defences as a factor.
The research, which is the first of its kind to offer a 360 degree view of organisations’ perceptions of security threats and their security investments, was completed by CyberEdge Group, LLC and sponsored by ForeScout Technologies, Inc., the leading provider of pervasive network security solutions for Global 2000 enterprises and government organisations, and eight other information security companies. Surveying more than 750 security decision makers and practitioners in organisations with 500-plus employees in North America and Europe, the report is designed to complement Verizon’s annual Data Breach Investigations Report.
The Cyberthreat Defence Report offered unique insights into challenges faced by professionals in IT. Some of the key findings relevant to network security and next-generation NAC include:
Participants were asked to rate—on a scale of 1 to 5, with 5 being highest—their perception on the effectiveness of various cyberthreat defence solutions. NAC received the highest marks at 3.71
NAC is the most often used technology (53 percent of respondents) to detect host security misconfigurations
NAC is the most often used technology to detect vulnerabilities and security misconfigurations within transient laptops and mobile devices (51 percent) Adoption of BYOD policies is anticipated to move from 31 percent in 2014 to 77 percent in 2016
Endpoints are cited as the weakest link in most organisations’ IT environment
Information security is becoming more challenging due to three disruptive changes that nearly all enterprises are experiencing: IT infrastructure complexity due to an exponential increase in network connections and use of mobile, virtualisation and cloud technology; diminished capacity to manage endpoints caused by growing network-enabled and personal device use at the workplace; and difficulty to efficiently mitigate exposures within a growing attack landscape. To address these challenges, many organisations are supplementing their existing security investments with next-generation NAC to dynamically see and control user, device, application and access diversity. Organisations are also progressing their traditional layered defence model to one that leverages infrastructure interoperability in order to better support continuous monitoring and mitigation processes.
In the report, one quarter of organisations noted they are conducting full network scans weekly or daily, indicating a greater understanding of the tremendous value of continuous monitoring. However, 52 percent of responding organisations conduct full network vulnerability scans quarterly or annually. Alarmingly, one in five organisations admitted to rolling the dice by doing nothing to assess the state of their transient devices between regularly scheduled active scans. This provides a large window of opportunity for a successful cyberattack against the transient system.
“While many researchers focus on the threats and breaches that impact organisations’ protection efforts, until now, no one has polled security decision makers and practitioners to understand their perceptions of security threats, response plans, processes and investments,” said Steve Piper, CEO of CyberEdge Group, LLC. “It is obvious from our research that NAC is an important weapon within many organisations’ arsenals and for good reason. Many of our respondents saw it as a versatile tool that could support protection efforts ranging from BYOD policy enforcement to configuration management.”
“We are delighted to be a sponsor of this insightful Cyberthreat Defence Report from CyberEdge. The report not only conveys the techniques and technologies being applied to address cyberattack risks, but highlights growing awareness among security practitioners of the value that NAC offers,” said Scott Gordon, chief marketing officer at ForeScout. “We believe that NAC, with its ability to dynamically resolve security exposures, enhance control content and automate remediation capabilities, is the cornerstone technology to advance continuous monitoring and mitigation programs.”
Interestingly, the researchers concluded that most respondent organisations are combining multiple technologies together to establish a unified solution to meet an enterprise’s specific needs for defending their endpoints. This bodes well for ForeScout’s CounterACT platform, which helps organisations gain visibility and automated control for devices, users, systems and applications attempting to connect to or on an enterprise network. CounterACT identifies security control gaps, such as rogue devices, non-compliant systems or personal mobile device use, and it offers options to isolate threats and dynamically fix issues with little or no IT intervention. Furthermore, the firm’s ControlFabric technology enables network and security products to dynamically share information and allow enterprises to more rapidly respond to a broad range of security issues. This architecture brings disparate solutions together to provide operational context and policy-based remediation.
Report Available Now
The 2014 Cyberthreat Defence Report is available now from ForeScout