Security & Mobility Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
jkonstantas

Emerging Technology Under The Spotlight

by Juniper Employee ‎02-24-2013 09:02 PM - edited ‎02-24-2013 09:02 PM

When we commissioned the Ponemon Institute to examine the efficacy of emerging security technologies, it was on more than just a hunch that reality falls short of promised protections. As a long time security vendor and purveyor of these next generation firewalls and intrusion prevention systems that make up the emerging security technology sector, we at Juniper wanted to understand how efficient these defenses have been against the threats of this past year.

 

In honesty, it came as no surprise to us that over 4700 participating IT professionals and security practitioners, spanning practically every vertical of business and government worldwide, told the Ponemon Institute that despite current security investments, they put their cybersecurity posture at a 4.7 on a scale where 10 is most secure. In fact, 60 percent of organizations had one or more breaches in the last year according to the report.

 

Perhaps these findings came as no surprise to you as well. After all, cyberattack prevention has become the stuff of Presidential State of the Union Addresses and World Economic Forum charters. The fact is that today’s hackers are highly organized, motivated and thanks to cloud and SDN, now have virtually unlimited compute and attack surfaces with which to work. This puts most firms at a disadvantage relative to their attackers, and so continued exposure is just the new norm right?

 

Well not exactly. The detailed responses of the study actually bring to light some very interesting explanations as to security efficacy or inefficiency as is the case.

 

Firms reported for instance high awareness of the evolving threat landscape (67percent) and investment in emerging security technology for application control, firewalling and intrusion prevention. The majority (53 percent) also reported that the deployment of NGFWs is to deal predominantly with the inside-out threat, that is the prevention of data exfiltration from infected user devices. When asked however about use of this technology to stop threats, the majority (53 percent) of firms said that their next generation firewalls (NGFW) are deployed in monitor only (non-blocking mode) because of concerns with blocking legitimate traffic and reducing application performance.

 

At the same time when asked about their biggest security concern, 56% of firms identified the need to secure web traffic as top of list. Further, when asked about the top three most serious attacks faced by organizations, respondents reiterated their concerns with outside-in attacks on web applications and data centers:

 

  • 62% expressed concerns about Web-based attacks
  • 60% expressed concerns about distributed denial of service attacks as a top concern
  • 47% specifically calling out SQL injection attempts

To deal with this outside-in threat to web servers and applications, organizations may turn to web application firewalls. But most firms told Ponemon that WAFs too are typically deployed in non-blocking mode because of high false positive rates.

 

Looking at this data the picture that emerges is one of great vulnerability. Emerging security technologies are inefficient at blocking organizations’ biggest threats – attacks on web assets. At Juniper, we’re architecting the way forward for web application security. Our experience securing the world’s most complex networks has given us unique insight on what’s needed to raise the security efficacy bar. I urge you to read this Ponemon study and if you find yourself among the majority of respondents, tune in to our RSA announcements to see what how Juniper is tackling the challenge.

 

 Ponemon-infographic.jpg

Post a Comment
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
About Security & Mobility Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon

Our Bloggers

Kyle Adams
Senior Software Engineer

Profile | Subscribe

Ritesh Agrawal
Director
Software Engineering

Profile | Subscribe

Erin K. Banks
Senior Technical Marketing Manager

Profile | Subscribe

Ajay Bharadwaj
Product Manager

Profile | Subscribe

Paul Bristow
Senior Director
Product Management

Profile | Subscribe

Michael Callahan
Vice President
Product Marketing

Profile | Subscribe

Henrik Davidsson
Director
Security Sales

Profile | Subscribe

Scott Emo
Director
Product Marketing

Profile | Subscribe

Mora Gozani
Senior Manager
Product Marketing

Profile | Subscribe

Steve Hanna
Distinguished Engineer

Profile | Subscribe

Ashur Kanoon
Sr. Manager
Technical Marketing

Profile | Subscribe

Seema Kathuria
Manager
Product Marketing

Profile | Subscribe

Kevin Kennedy
Senior Director
Product Management

Profile | Subscribe

Dave Killion
Software Engineer

Profile | Subscribe

Rebecca Lawson
Senior Director
Product Marketing

Profile | Subscribe

Rajoo Nagar
Senior Manager
Product Marketing

Profile | Subscribe

Erin O'Malley
Manager
Product Marketing

Profile | Subscribe

Galina Pildush
Strategy & Planning
Architect

Profile | Subscribe

Edward Roberts
Director
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Ashutosh Thakur
Product Line Manager

Profile | Subscribe

Troy Vennon
Software Engineer

Profile | Subscribe

Brad Woodberg
Product Manager

Profile | Subscribe

Labels
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.