Network Access Control Found Most Effective Against Threats

The survey also indicated NAC is the most often-used technology to detect vulnerabilities within transient laptops and mobile devices.

Network access control (NAC) is rated highest of all the security technologies in its potential to defend against today’s cyber-threats, and 77 percent of IT professionals are using or plan to use NAC for mobile security, according to a report conducted by CyberEdge Group and sponsored by ForeScout.

Surveying more than 750 security decision-makers and practitioners in organizations with 500-plus employees in North America and Europe, participants were asked to rate on a scale of 1 to 5, with 5 being highest, their perception on the effectiveness of various cyber-threat defense solutions. NAC received the highest marks at 3.71.

The survey also indicated NAC is the most often-used technology to detect vulnerabilities and security misconfigurations within transient laptops and mobile devices (51 percent), and NAC is the most often-used technology (53 percent of respondents) to detect host security misconfigurations.

"While many researchers focus on the threats and breaches that impact organizations’ protection efforts, until now, no one has polled security decision-makers and practitioners to understand their perceptions of security threats, response plans, processes and investments," Steve Piper, CEO of CyberEdge Group, said in a statement. "It is obvious from our research that NAC is an important weapon within many organizations’ arsenals and for good reason. Many of our respondents saw it as a versatile tool that could support protection efforts ranging from BYOD policy enforcement to configuration management."

Results revealed other IT trends in business as well, with adoption of bring-your-own-device (BYOD) policies is anticipated to move from 31 percent in 2014 to 77 percent in 2016, while endpoints were cited as the weakest link in most organizations’ IT environments.

The report concluded that most respondent organizations are combining multiple technologies together to establish a unified solution to meet an enterprise’s specific needs for defending their endpoints.

"The report not only conveys the techniques and technologies being applied to address cyber-attack risks, but highlights growing awareness among security practitioners of the value that NAC offers," Scott Gordon, chief marketing officer at ForeScout, said in a statement. "We believe that NAC, with its ability to dynamically resolve security exposures, enhance control content and automate remediation capabilities, is the cornerstone technology to advance continuous monitoring and mitigation programs."

In the report, one-quarter of organizations noted they are conducting full network scans weekly or daily, indicating a greater understanding of the tremendous value of continuous monitoring.

However, 52 percent of responding organizations conduct full network vulnerability scans quarterly or annually. Worryingly, one in five organizations admitted to rolling the dice by doing nothing to assess the state of their transient devices between regularly scheduled active scans.