State of the Firewall Report 2019: Zero-Touch Automation is More Headline than Reality, Network Complexity and Lack of Visibility Are Key Issues

Tim Woods

With data breaches on the rise and affecting every corner of every industry, from credit cards to medical testing companies, it poses the question about why these breaches keep occurring and what enterprises can do to prevent their most frequent causes – firewall misconfigurations.

Did you know that misconfigurations are also code for human errors? Virtually all data breaches have been caused by human errors introduced during manual network change processes. Just one misconfiguration can open a server to remote access by anyone with an internet connection, and allow data to be accessed, stolen and potentially used for nefarious purposes.

Misconfigurations are typically the result of two issues: Improper use of native cloud provider security controls and organizations deploying misconfigured servers, storage systems and firewalls in the cloud. Now, with a combination of increases in manual rules changes, overworked staff, and growing network policy complexity, misconfigurations are getting out of hand.

Reducing Network Security Risk with Firewall Automation

The key to solving this issue is automation. However, our 2019 State of the Firewall report found that 65 percent of respondents are still not using any form of automation to manage their network environments. Meanwhile, 38 percent also said that their change management systems are ad hoc, relying on emails, spreadsheets and other outdated tools to create and track security requests.

These findings show that zero-touch automation is still more of a buzzword than a trusted network security approach. But not using automation to improve aging, manual processes is exactly the problem, especially with 45 percent of respondents processing between 10-99 change requests per week. This volume of requests strains overworked security personnel who operate during late-night change windows, when errors are also more prone to occur. By automating network security policy management, enterprises can increase their control and visibility across network environments to reduce their cyber-attack surface.

The State of the Firewall Key Findings

The 2019 State of the Firewall survey resulted in more responses than ever before to spotlight how missing automation, increasing network complexity, and a lack of visibility are leading to misconfigurations and weakening the ability to comply with regulations. With almost 20 percent of respondents coming from the executive ranks alone, the survey gained unique insights into firewall operations, cloud and next-gen architectures. Key findings included:

Need for Automation: 38 percent of C-level respondents said their change management system is ad hoc. And, 36 percent of respondents said that inaccuracies, misconfigurations or issues on the network account for 10 to 24 percent of the changes that require rework.

Firewall Complexity Causes Issues: With multiple teams and vendors required to manage firewall change processes across on-premise, cloud and hybrid network environments, addressing security challenges is increasingly complex. 78 percent of participants use two or more vendors for enforcement points on their network. And, 72 percent of respondents have two or more teams involved in processing or approving a typical change request, which could be automated to improve efficiencies.

Poor Visibility Limits Compliance: A lack of visibility across network environments causes additional issues and weakens the ability to comply with security and privacy regulations. 12 percent of respondents don’t even know when a misconfigured firewall causes an issue on the network. 34 percent of participants have less than 50 percent real-time visibility into network security risks and compliance. And, almost 20 percent of C-level executives are not sure if they failed a compliance audit in the last 12 months.

The Trusted Route Forward

In a world of growing technological complexity that demands increased security, firewalls are not going away, as 95 percent of respondents said that firewalls are as critical as ever. By releasing this year’s State of the Firewall report, we hope to inform the industry on the critical need for automation to reduce data breaches and help enterprises continue to innovate, while maximizing their security agility and operational resources.

2019 State of the Firewall Report Resources
The Report: Download the 2019 State of the Firewall report
The Data: Download the key findings in an infographic
The Press Release: FireMon’s 2019 State of the Firewall Report Reveals Lack of Automation as Underlying Security Challenge in Digital Transformation Initiatives
Webinar: FireMon will host a live webinar, 2019 State of the Firewall, Thursday, November 14 at 1 p.m. CT
Social Media: Track the conversation #SoFR19

 

Methods Statement
The sixth-annual State of the Firewall Report polled a total of 573 C-level executives, IT practitioners and security professionals about their firewall usage, perceptions, processes and key challenges. The 2019 survey represented the largest pool of respondents since the study’s inception in 2014. Almost 20 percent of participants were from the executive ranks alone. The survey included a total of 30 questions covering demographics, firewall operations, and cloud and next-gen architectures.