At its most fundamental level, the objective of network security is a simple one. Organizations need to protect their people, assets, and the data that travels across and resides within their networks. They do this by setting security policies that detail parameters like who or what is allowed to access which resources.

Over time, even small organizations can accumulate large libraries of security policies across a variety of different security products. The old processes used to create, update and audit these policies become a burden for the IT team and cause a number of problems for the organization.

Research firm Enterprise Strategy Group (ESG) recently surveyed 200 IT and cybersecurity decision-makers to understand their views on network security complexity and its consequences. They examine some of the top challenges facing these organizations today in their new report “Navigating Network Security Complexity.”

It’s not just your imagination. Security is getting more complex.

Unsurprisingly, a majority (83%) of respondents felt that network security has gotten more complicated in the last two years. There are many reasons for this, but the top responses included:

  1. More devices deployed on the network
  2. More traffic on the network
  3. The operations team managing more networking and security technologies

Taken together, these responses paint the picture of a growing attack surface and increasing workload for teams responsible for protecting organizations’ critical assets.

Challenges on the horizon

What are the biggest network security challenges facing organizations in the next few years? According to the survey, they are:

  1. Business initiatives being adopted without the proper security involvement
  2. A lack of dedicated network security staff
  3. It takes too long to manage network security policies

Businesses are innovating at a record pace, and they aren’t waiting for the security team. Hiring staff continues to be challenging, and outdated processes are compounding the issue.

Brace for impact: outages, disruption and data breaches

Nearly a third (29%) of organizations said they experienced a security event resulting from network security complexity. The most common incidents included network outages, application or network availability, loss of sensitive data, and lost productivity. Given the critical nature of these risks, it’s clear that network security management needs to be addressed when assessing an organization’s risk management strategy.

Recommendations: technology integration, automation, simplification

ESG offers three headline recommendations for CISOs dealing with network security complexity today. First, look for solutions that are integrated and centrally managed when possible. Next, seek out solutions that emphasize ease-of-use and time-to-value. Finally, organizations should strive for process automation and use technology to accomplish this.

Whether you’re directly involved in managing your organization’s security policies or not, you’re likely experiencing negative effects of the drain that these manual tasks can have on an IT department. It’s time to prioritize making security policy management more efficient, consistent and effective. Reading the full research report is a great place to get started.

Simplify network security management with Cisco Defense Orchestrator

At Cisco, we’re working hard to help our customers streamline their security operations. Cisco Defense Orchestrator is a cloud-based security policy and device manager that uses automation to eliminate complexity. Manage consistent security policies across Cisco ASA, FTD and Meraki MX devices, and reduce time spent on security management tasks by up to 90%. Visit the Cisco Defense Orchestrator webpage to learn more and sign up for a free trial.


Brian Remmel

Marketing Manager, Security