Q1 Labs, a leading network security company, surveyed more than 450 network and security professionals to obtain their views on security incident response and resolution as it affects their daily jobs. The survey results showed that security and networking responsibilities are combining, with network and security administrators increasingly teaming up to handle incident response and resolution. In addition, the survey indicated that risk mitigation is becoming more complex, with a variety of different threats overwhelming administrators who are responsible for keeping networks up and running.
"One of the more interesting results of this survey was the integration of network and security groups within the enterprise," said Brendan Hannigan, executive vice president of marketing and business development at Q1 Labs. "Security is moving from an add-on or an individual function to a central part of network architectures. While we used to see separate groups handling each aspect, the majority of survey respondents need both networking and security experts to work together on resolving today's complex threats."
The survey asked what issues and risks take up the most time and focus for respondents' network management and IT staff. Results cited a range of issues, with the top three responses being:
- External threat management - 37 % (worms, malicious code, hacking).
- Network and security management - 31% (volume of alerts, security incident response, policy enforcement, prevention of downtime).
- Internal network misuse - 14% (P2P, IM, IP theft/damage, internal security risks).
Automated threat remediation was a hot topic in the survey for IT staff looking to save time and increase security. 69% of respondents stated that they would trust automated remediation of newly-detected security threats (with 22% of the group trusting it outright, and the other 78% preferring to activate automated remediation only after manual inspection).
"As security incidents grow in complexity, it takes more time to both proactively and reactively respond to threats," said Hannigan. "The scope of issues and risks bombarding network and security administrators is driving a merging of security and networking. Threats and attacks must be identified enterprise-wide so IT can analyze and counter them as quickly and efficiently as possible."
