BYOD, Virtualization Affect Enterprise Security: F5 Networks

Technology trends such as bring your own device (BYOD) initiatives, virtualization and the complexity of attack types have the greatest impact on securing today’s organizations, according to a security trends survey conducted by networking appliances specialist F5 Networks at this year’s RSA conference, held Feb. 25 to March 1.

Nearly half of the respondents admitted that traditional safeguards are less than adequate in protecting against threats related to these trends, with roughly one-third of respondents reporting that their security readiness is inadequate.

When asked what security trends have the greatest impact on an organization’s ability to achieve the level of security it desires, virtualization led the list of concerns with 73 percent, followed by complex threats (such as distributed-denial-of-service, or DDoS, attacks), BYOD and state-sponsored cyber-crime.

While respondents acknowledged BYOD as critical to an organization’s ability to achieve the level of security it wants, one-third of respondents admitted they are not prepared to provide adequate security to protect against threats associated with BYOD. Despite this, two-thirds of respondents said BYOD was having a somewhat to extremely high impact on security.

“The security landscape continues to change rapidly and many organizations are struggling to properly address evolving threats,” Mark Vondemkamp, F5’s vice president of product management for security, said in a statement. “Companies will do well to proactively address trends like BYOD and cloud security, but they should also look to raise their game in terms of threat detection and mitigation. With employee behavior, business priorities and infrastructure demands further expanding traditional threat vectors, the proper tools and procedures are essential in maintaining a healthy level of security.”

While nearly two-thirds (64 percent) of respondents see the shift to Web-based applications as a trend affecting security, 37 percent of respondents’ organizations are not providing adequate security to protect against potential threats. Similarly, although 66 percent of respondents see the shift to cloud-based infrastructure as a trend affecting security, just under half (49 percent) of respondents’ feel their businesses are not providing adequate security to protect against potential threats.

The survey also indicated current threats—including the increased pace of patches issued for an operating system and applications, and the expanding complexity of single Secure Sockets Layer (SSL) certificate management—are moving beyond the capability of traditional security safeguards.

“Organizations are struggling to keep pace with the changing face of security. Virtualization, BYOD and shifts in IT infrastructures and applications along with the complexity of attack types are driving new threats,” the report noted. “IT admits that these threats are beyond the scope of traditional safeguards. As such, IT reports that their general security readiness is subpar.”