Network Security Research

In these whitepapers, IDG shares their findings on the unique challenges different members of IT organizations face when it comes to ensuring network security.

Do you have issues with siloed and poorly integrated systems?

In recent research, IDG identified a disconnect between network security practitioners and executives around levels of confidence and priority initiatives. Read the white paper to learn what this means for you and how a single source of network truth can mitigate concerns.
SecOps Professionals

Do you have a need for increased network visibility and verification?

As an IT leader, you may be surprised to know that your team may be more concerned about the security of your network than you are. Learn what IDG research revealed and how network visibility can improve your security posture.

Security Executives

Siloed and Poorly Integrated
Systems Continue to
Undermine Network Security

Evidence of multiple challenges suggests there is misplaced
confidence among frontline IT managers that their network
security practices are ahead of the curve.

Constrained by tight budgets

and staffing shortages, IT managers are constantly striving to do more with less. This mandate is especially pressing when it comes to identifying and countering network security threats or when assessing and mitigating the effects of cyberbreaches.

In our digitally dependent world, the successes and failures of IT managers rest heavily on their ability to protect their organization’s data and systems. However, defending against cyberthreats has grown continually more challenging, and not only because the threats themselves have increased in number, diversity, and sophistication.

The digital estate that IT managers must police has also become much more complex. Today IT environments typically encompass on-premises data centers, multicloud environments, network-edge facilities, a large variety of end user devices, and a broad collection of different networks. 

To manage and secure these diverse environments, organizations have deployed a growing variety of systems and tools.


However, these discrete systems often create additional layers of complexity as well as information silos. For many IT managers, there is no single source of truth for network security information or any simple way to gain end-to-end visibility across their IT infrastructure and operations.

No wonder that IT managers are sometimes overwhelmed with simply managing and maintaining all the IT elements under their charge as well as protecting them against cyberattacks. IT managers need easy and immediate access to accurate information — everything from validation of zerotrust architecture deployments to the number and scope of systems compromised by any successful cyberbreach.

Interestingly, a large majority of IT managers recently surveyed by IDG said their existing network security capabilities equaled or surpassed those of their competitors. Clearly, not every organization can be “average or above” in this regard.
Managers who overestimate the strength and sophistication of their security operations may unintentionally expose their organization to significant financial, legal, and reputational risk.

Network Security Landscape: 
A Mixture of Confidence and Challenges

To gain insights into the current state of network security, IDG surveyed 98 IT managers along with 101 IT directors, VPs, and executives at large enterprises.

Nearly half (48%) of the IT managers surveyed said their overall network security was “ahead of the curve” compared to competitive organizations’. In one sign of a disconnect between the frontline IT managers and their bosses, the IT director+ respondents were more likely than IT managers to believe that their organization’s network security was ahead of the curve.

In contrast to the directors’ confidence, IT managers identified a wide range of network security challenges and pain points:

Establishing strong firewall rules
Minimizing the time required to disable a compromised host
Ability to know when something is out of compliance
Lack of a matrix to verify firewall security connectivity
It’s commonly accepted that success relies on shared vision and goals. Yet the IDG survey showed misalignment between the two respondent groups with regard to network security. For example, 39% of the frontline IT managers said their organization was building or already employing a zero-trust architecture, compared to 59% of the director+ respondents saying the same.
A 20% gap in perception is worrisome. It could be that IT managers are so consumed with reacting to cyberthreats and other pressing demands that they have little time to focus on proactive measures such as zero trust. However, this finding, along with other disparities, highlights the importance of continual engagement and coordination among all levels of IT when it comes to network security objectives, progress, and outstanding needs. 

The Value of a Single Source of Truth for Network Security

Although IDG found several differences between IT managers and IT executives, the two groups mostly agreed on the challenges they face and the importance of addressing them. That agreement included the need for and benefits of a single highly integrated network operations security solution.



As IT managers know, many important security tasks are largely or partially performed manually. As shown in Figure 1, respondents said that a single solution able to automatically address five critical security functions would bring significant value.

Mathematically Verified Network Security

To handle the escalating demands and threats IT managers face in securing their organization’s complex digital estate, Forward Networks has developed a mathematical process to precisely model an organization’s end-to-end network. This constantly updated, always accurate digital twin shows network topology, device configurations, and behavior and presents information in easy-to-understand vendor-agnostic visualizations.



For security operations teams, Forward Enterprise makes it easy to monitor security policy adherence through an always-current zone-to-zone connectivity matrix and to remediate network OS vulnerabilities through a Common Vulnerabilities and Exposures (CVE) matrix. They can also prove the network security posture with always-on monitoring and reduce the time to find and remediate compromised devices, using the solution’s blast radius feature. Deployed on-premises or as a hosted cloud service, Forward Enterprise integrates easily with existing network management systems and tools.

Network Security:
Multiple Challenges Underline Need
for Increased Visibility and Verification

IT directors, VPs, and other executives believe
they have good security practices in place but still
recognize unanswered challenges and needs.

In a perfect world,

CIOs, IT directors, and other IT executives could focus all of their attention on staying ahead of technology’s rapid evolution while also ensuring that their organization has the optimal IT and network infrastructure to meet business and operational needs. 

In the real world, however, an increasing portion of IT leaders’ time is spent in fire-drill mode as they react to the rising deluge of cyberattacks. Today’s digitally dependent organizations understand the damage that successful cyberbreaches can cause. Yet having a constantly distracted and reactive IT department also poses significant financial and reputational risks.

 The rising sophistication and consequences of cyberattacks make clear the importance of implementing proactive security capabilities. A recent analysis by the Ponemon Institute and IBM found that the average total cost of a data breach worldwide has reached $4.24 million, up from $3.86 million a year earlier.


One key driver of this escalating cost is that it took organizations, on average, more than nine months to identify and contain a breach. 

To minimize the risk of breaches and rapidly identify successful intrusions and contain their damage, managers and security teams need full visibility across their entire IT and network estates. That includes having detailed information on device topology, state, and configuration. It also means getting prompt notification of any security policies that are broken — unintentionally or otherwise — by misconfigurations or by risky actions taken by employees.

To get a better sense of the state of network security, IDG surveyed 101 IT directors, VPs, and other executives as well as 98 frontline IT managers. Most expressed high levels of confidence in their organization’s existing network security capabilities. However, most also expressed a desire for many additional capabilities, which suggests that some of that confidence may be misplaced.

Network Security Landscape:
A Mixture of Confidence and Challenges

Among the “director+” executive respondents, 58% rated their overall network security as ahead of the curve compared to their competitors’. Another 37% said that it was on par with others, and — contrary to the reality of averages — just 5% said they were lagging their competitors. 

Despite their high confidence levels, IT leaders identified improvements related to network security that they’re seeking, such as:



A better understanding of the blast radius of a compromised host
Validation that their network architecture follows a zero-trust approach
Improvement in network breach response times
There were also indications that IT directors and executives sometimes have perspectives different from those of frontline IT managers with regard to the status of their network security initiatives and capabilities. For example, whereas 59% of the directors+ cohort said their organization was building or already employing a zero-trust architecture, just 39% of IT managers said the same.

Likewise, 70% of the IT directors+ strongly agreed with the statement “I am confident that I can prove/validate that my network architecture follows a zero-trust approach,” compared to just 53% of the IT managers.
These disparities in perception are cause for concern. Executives who believe that their network is more secure than it is may ignore or underfund critical initiatives necessary to protect their organization’s digital assets. 

At a minimum, the different assessments suggest a lack of communication between IT executives and managers. There must be continual engagement and coordination with each other on network security objectives, progress, and outstanding needs.

Providing a Single Source of Truth for Network Security 

It isn’t only IT executives and managers who sometimes have difficulty communicating. Many of the specialized security systems and tools that organizations have deployed to monitor, assess, and counter cyberthreats don’t “talk” to each other. 

Software-driven security solutions have proliferated almost as rapidly as cyberthreats themselves, and attack volumes and complexities have exceeded the capabilities of humans to analyze and respond to them.



 Making the situation more challenging: Poorly integrated, discrete solutions can result in security silos and gaps. IT professionals need a single source of security truth and visibility to defend their end-to-end networks.

IDG survey respondents understand the value of a multifunction solution that can accurately and rapidly provide a range of security information, visibility, and functionality. As shown in Figure 1, a single solution was seen by most IT leaders as delivering high-value benefits. 

Network Security Through Better Math

To handle the escalating demands and threats IT managers face in securing their organization’s complex digital estate, Forward Networks has developed a mathematical process to precisely model an organization’s end-to-end network. This constantly updated, always accurate digital twin shows network topology, device configurations, and behavior and presents information in easy-to-understand, vendor-agnostic visualizations.



For security operations teams, Forward Enterprise makes it easy to monitor security policy adherence through an always-current zone-to-zone connectivity matrix and to remediate network OS vulnerabilities through a Common Vulnerabilities and Exposures (CVE) matrix. They can also prove the network security posture with always-on monitoring and reduce the time to find and remediate compromised devices, using the solution’s blast radius feature. Deployed on-premises or as a hosted cloud service, Forward Enterprise integrates easily with existing network management systems and tools.

Forward Networks

Mathematically-accurate network modeling trusted by the world's largest networks.
CONTACT SALES
ABOUTLEADERSHIPCAREERSCONTACT US
Newsletter
arrow-right linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram