A majority of Global 2000 companies have areas within their networks that are not properly analysed according to a new report.
The survey from network security company ForeScout Technologies, conducted by research firm Frost & Sullivan, says these 'blind spots' can lead to costly breaches due to unknown applications, traffic, devices and users operating insecurely on a corporate network.
In the past 12 months 72 per cent of respondents say that they experienced five or more network-based security incidents. Interestingly managed devices experienced the most security incidents, despite increased investment in managed security technologies.
Managed end user computers yielded the most network-based security incidents, with nearly one-third of companies in the US, 19 per cent of companies in the UK and 50 per cent of German companies reporting five or more. Managed servers also served as gateways for attack in 27 per cent of companies in the US, 19 per cent in the UK and 36 per cent in Germany. The survey suggests that this is leading to low customer confidence in security agents being deployed.
"We've confirmed what most people already expect - that no company is truly secure without its security technologies working together. A siloed security approach can create network blind spots that have costly, long-term impacts on business continuity and brand reputation," says Chris Kissel, Industry Analyst, Network Security Research, at Frost and Sullivan. "Without full network visibility, these attack surfaces will only increase, given the fast-growing number of BYOD and IoT devices being connected to corporate networks".
Other findings include that too much reliance on security agents brings a false sense of safety. Low confidence in patch management agents is reported by 37 per cent of respondents, followed closely by mobile device management (MDM) agents (35 per cent), encryption agents (28 per cent) and antivirus agents (27 per cent).
However, IT professionals would unanimously welcome a set of pre-determined security controls within each network security technology to help with automation and save critical resources. The main areas that respondents wanted automated security controls for were firewalls (67 per cent), intrusion prevention (65 per cent) and antivirus (63 per cent).
The full report is available to download from the ForeScout website.