Emerging cybersecurity threats drive IT investments
Today’s workplaces are evolving in record time. We continue to see a rise in highly distributed environments, remote offices, mobile users, and (now with a global pandemic) a rapid shift to working from home. The attack surface is evolving and the network must adapt.
In March 2020, Enterprise Strategy Group (ESG) conducted a survey of IT and information security professionals. The goal of this survey was simple: get some real answers to tough security questions. What’s driving the shift in network security investments? In this new world, who is responsible for evaluating, purchasing, and managing network security products and services? What’s all the buzz about Elastic Cloud Gateways? Wait — what is an Elastic Cloud Gateway? I’ll talk more about this later, but it’s another new term to express the need to consolidate multiple edge network security controls into a unified solution.
In this blog, I’ll explain the highlights from ESG’s Elastic Cloud Gateway report. You’ll learn how shifting to the cloud challenges the notion that you need 50+ security tools and 25 vendors to get your job done. Of course, it’s not surprising that point tools lead to sprawl, and more than half of the survey respondents said that sprawl has caused increased complexity that negatively impacted the business — sounds like a headache to me!
The scoop on the survey
The research is based on more than 375 responses and examines the impacts that cloud, mobility, and distributed environments have on edge network security strategy. Nearly half (48%) of organizations expect at least 40% of their network security controls to be cloud-delivered within 2 years, up from 25% today. This percentage is even higher among distributed organizations.
With 86% of organizations reporting issues arising from managing multiple point tools, consolidating functionality through a cloud-delivered approach is an attractive alternative. Why? It helps them to gain control and protect users more effectively.
Threats, network complexity, and inefficient tools are driving change
Threats remain the biggest challenge, with 41% reporting an increase in malware volume and sophistication. With more mobile devices, more cloud access, and a sprawl of point tools, it’s hard for organizations to get a handle on threats and respond quickly. Too many alerts, inconsistent policy enforcement, and complex investigations are leading buyers to question whether the cloud can reduce this complexity and provide a more efficient way to secure users. Today’s dynamic threat landscape requires additional capabilities beyond basic URL filtering and malware filtering. 79% of organizations say that DNS-layer security is required or important in an elastic cloud gateway solution.
It’s not surprising that 64% believe network security is more difficult than two years ago, and nearly half of all respondents believe securing employee access is also more difficult. But why is it harder? 36% of organizations say that an increase in the number of distributed users with access to the network has made network security more challenging.
There are some surprises, though — among the survey respondents who use a secure web gateway (SWG), fewer than 1 in 10 are very satisfied! How can such an established technology be leaving so much room for improvement? Perhaps this is why we’re seeing an increase in demand for an integrated cloud-delivered solution like an Elastic Cloud Gateway.
SD-WAN and security are closely linked
SD-WAN usage is rising, with 80% of survey respondents reporting that they use SD-WAN extensively or selectively. 38% express a preference to use a security vendor that provides edge network security with native SD-WAN capabilities. The biggest drivers for adoption are improved security, better application performance, and reduced bandwidth demands.
When asked why their organizations would seek to procure security and SD-WAN tools from the same vendor, 47% expressed a desire for better operational efficiencies for security and networking teams, followed closely by improved threat prevention and detection. Using a single vendor for security and SD-WAN leads to a strategic partnership where the vendor understands their business, computing environment, and strategic objectives holistically.
Efficiency, security, and vendor relationships drive desire for consolidation
The market is poised for a transition to cloud-delivered network security solutions. Those organizations that have already shifted to the cloud cite better protection (26%), better performance (24%), and easier deployment and maintenance (22%) as their top drivers.
73% of organizations would consider an Elastic Cloud Gateway architecture across their environment to help consolidate multiple edge network security controls into a unified solution. These solutions need to fulfill the promises of better protection and better performance, as well as reduce the complexity and inefficiencies that exist with today’s on-premise solutions. IT and security teams are looking for better management, increased flexibility, and more control over their network security, all of which will continue to drive changes in the market.