sb-au logo
Story image

IT leaders prioritising automation, Zero Trust and API-based security investments

IT security leaders are prioritising investments in automation, Zero Trust and API-based security to protect a rapidly transforming IT ecosystem, according to new research from FireMon.

A survey of 500 cybersecurity leaders has uncovered the key investments organisations are making, and the rationale behind their decisions. The survey found distinct priorities have emerged when it comes to responding to the needs of IT security's rapid transformation.

"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fuelled explosion in distributed and remote work has created a perfect storm for network security teams," says Satin H. Mirchandani, president and CEO of FireMon. 

"It is no wonder that they are adding new technologies, architectures, and approaches to ensure their networks remain protected."

The survey identified five major areas for network security investment:

 

  • Automation
    More than 50% of organisations are currently investing in automating policy management to safeguard against inefficient and risky functions and 79% say they will implement security orchestration and automation within two years to improve agility and responsiveness.

 

  • Zero Trust
    Forty five percent of organisations plan to implement a Zero Trust in the next 12 months, adding to the 17% of organisations that have already begun this process. The biggest drivers are a greater need for secure remote access (72%), reducing cybersecurity risk (70%), and supporting the transition to cloud architectures (51%).

 

  • Secure Access Service Edge (SASE) 
    Eight five percent of organisations have either already implemented a SASE platform or plan to do so within two years.

 

  • Security-Development Misalignment
    Eighty two percent of IT leaders admit their application development (DevOps) and network security operations teams are not well aligned.

 

  • Heterogeneity and Integration
    With growing complexity and heterogeneity, 95% of respondents are concerned about the lack of integration of network security platforms and their IT infrastructure.

"From an automation perspective, respondents cited the need to increase security agility and accelerate responsiveness and reduce the mean time to discover and resolve security incidents as the major drivers," says Mirchandani.

"This indicates that network security's growing complexity has rendered manual processes insufficient to keep up with accelerating rates of change," he says. 

"Automation is now an imperative."

Mirchandani says that based on the survey findings, it is also clear that Zero Trust Architecture will achieve broad adoption to support the transition to cloud architectures and ensure security for an increasingly remote workforce. 

"Both trends were accelerated by COVID-19 and are highly unlikely to be reversed," he says.

As part of this transition to cloud-based architectures, many respondents plan to implement a SASE platform to reduce cost and complexity, and improve security for their distributed and mobile workforce.

However, there is a risk of lack of alignment in a rush to balance the transition to cloud-based environments while still managing legacy infrastructure. This is especially the case when it comes to network security operations and application development and delivery processes. This misalignment causes slower application deployment, increases risk of downtime, and creates friction between security and development teams.

To gain greater alignment among security and development processes, more than 8 out of 10 organisations are looking to better integrate their systems via open APIs. This allows them to inject security capabilities into their preferred workflows, enabling greater flexibility and smoothing collaboration between groups.

"Network security is in the midst of a tectonic shift. New technologies and approaches will rapidly become the norm, forcing security teams to rethink how they manage access policies and ensure compliance in a changing and highly heterogeneous world," says Mirchandani.

Story image
Addressing the challenges of least privilege access
Enforcing the right privilege policies across the environment with the right visibility and observability will ensure that the policy mandates hold tight against any behaviour changes.More
Story image
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Story image
WatchGuard names new regional director for A/NZ
Anthony Daniel says, "I look forward to continuing to drive our business strategy, grow our channel and to supporting business growth Australia and New Zealand and the Pacific islands."More
Story image
FrankieOne to build Westpac's BaaS identity infrastructure
“As Australians continue to look for new and different ways to do their banking, we are excited to be part of the ever-growing BaaS movement with Westpac."More
Story image
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More
Story image
Software-based facial recognition in payments industry to dominate by 2025
There will be more than 1.4 billion users of facial recognition software used for payments alone in 2025, up from 671 million in 2020.More