A study reveals that enterprises find it challenging to defend their networks and applications.
Attacks are becoming more difficult to
defend against and are expensive to mitigate, with traditional safeguards
falling short, according to a worldwide study.
The security study-whose results were
announced by application delivery networking specialist F5 Networks (NASDAQ:
FFIV)-measures the effects of increasingly complex network and application
attacks on enterprise organizations, and details the security practices that
enterprises are adopting to guard against these threats.
Ninety-two percent of those surveyed
view application delivery controllers (ADCs) as an appropriate alternative to
traditional security solutions, finding that the utilization of ADCs for
security purposes continues to gain traction. "Traditional security
technologies are struggling to keep pace with the expanding threat landscape;
as cyber-attacks become more malicious, employees are also becoming more
distributed and infrastructures are growing in complexity," said Karl Triebes,
CTO and senior vice president of product development at F5. "As such, many
enterprises are turning to ADCs to address critical security concerns that
traditional safeguards cannot reach."
With both infrastructure systems and
cyber-attacks growing in complexity, the study revealed that enterprises find
it challenging to defend their networks and applications. The survey found that
Domain Name System (DNS) attacks are the most frequent and difficult to defend
against, and have the highest impact on enterprises. "We've had some notable
public attacks, both DDoS [distributed denial of service] and scripting
issues," said a director of technology in a recent focus group, referring to
the increasing difficulty in defending against attacks. "We've changed our
entire policy and our infrastructure in the past year because of these things."
The effects of DNS and encrypted data
attacks are wide sweeping across industries, with the typical cost per
organization for a 12-month period being $682,000, according to the survey.
More than 50 percent of enterprises claimed loss of productivity, 43 percent of
respondents reported loss of data, and 31 percent reported loss of revenue.
Other costs that enterprises incur from attacks include loss of customer trust,
regulatory fines, and theft of money or goods.
Regarding ADCs, the survey indicated IT
departments are considering ADCs for security use, with one-third of
respondents already using ADCs for security and virtually all of them
discussing it. According to the survey, only 8 percent believe their
traditional safeguards are sufficient and there is no need to consider ADCs. In
contrast, 92 percent see specific security roles for ADCs, and half of
respondents believe that ADCs can replace many or most traditional safeguards.
The F5 Networks 2011 ADC Security Study
was commissioned by F5 to gauge the current security threat landscape and its
effect on enterprise security management. Conducted by Applied Research in
September 2011 through phone interviews and focus groups, the survey included
responses from 1,000 large organizations in 10 countries around the world.
Applied Research spoke with senior IT management in a variety of roles.