This week at the RSA Conference, I had the opportunity to talk with dozens upon dozens (more than 100) of information security professionals for Bromium’s “State of Security Report Card,” a survey of opinions about popular security solutions. It may seem obvious (especially if you read the headlines), but the survey revealed that firewalls and antivirus are failing to prevent attacks.
The results of this survey serve as yet another proof point in a long line of data about the shortcomings of legacy security solutions. Even if you cling to the belief that AV is not dead, RSA Conference attendees seem to be aware that these solutions are failing.
Specific findings from the “State of Security Report Card” include:
- Organizations have room for improvement in prioritizing security – Bromium asked RSA Conference attendees to grade their organization on its ability to prioritize security by allocating the resources it requires, but only eight percent of respondents gave their organization an A. Forty-two percent of respondents gave their organization a B, thirty-two percent of respondents gave their organization a C, and 18 percent of respondents gave their organization a D. Interestingly, no respondents were willing to give their organization a failing grade.
- Firewalls and antivirus are failing to prevent attacks – Bromium asked RSA Conference attendees to grade a variety of security solutions on their ability to prevent attacks and address the priorities set by their CISO, but only firewalls and antivirus received any failing grades. Twenty percent of respondents gave firewalls a failing grade and 25 percent of respondents gave antivirus a failing grade. Among the most popular responses, 42 percent of respondents gave firewalls a B and 36 percent of respondents gave antivirus a C.
- Next-generation solutions are performing above average – Next-generation firewalls, network sandboxes, endpoint isolation, host monitoring and threat intelligence solutions all performed well. None of these solutions were given a failing grade by any respondents. Among the most popular responses, 58 percent gave next-generation firewalls a B (17 percent gave it an A), 54 percent gave advanced threat protection/network sandboxes a B (20 percent gave it an A), 64 percent gave endpoint isolation/sandboxing/host monitoring a B (17 percent gave it an A) and 44 percent gave threat intelligence a B (17 percent gave it an A).
- Information sharing initiatives show promise; face hurdles – Bromium asked RSA Conference attendees both if their organization would benefit from information sharing initiatives, such as those outlined in President Obama’s Executive Order, as well as if their organization would participate. The overwhelming majority (78 percent) said they would benefit from information sharing initiatives, but less than half (48 percent) said they would participate. There is clearly a disconnect in these results, which suggests that information security professionals are concerned about how information sharing initiatives will aggregate and anonymize their organization’s data.