75 percent of companies have revealed that existing change management processes could increase the likelihood of a breach of security.
Tufin Technologies has surveyed 100 professionals dealing with risk and network threat and nearly three quarters believe that their change management procedures put their company at risk whilst 84 percent admitted there are no systems in place to alert them when recertification of firewall rules are needed.
The top reason cited for fudging audits was due to time restrictions and then the scope of the audit falling short of individual business needs as well as the worry that the reputation of those in IT security jobs could be tarnished.
It was also highlighted that automation of the firewall audit is happens in only 7 percent of businesses leading to 40 percent having to commit around four weeks per year to firewall checks.
The marketing and business development vice-president for Tufin Technologies, Shaul Efraim commented:
“This year’s survey reveals that, more than budget constraints or any other factor, time is the security manager’s most precious resource. We were surprised to learn that half the sample is still doing basic tasks manually such as tightening up permissive rules, looking for shadowed rules or recertifying rules.”
As issues with risk management continue to increase the next generation of candidates looking for information security jobs need to put their skills to use automating manual processes so that they can focus their time and energies on more strategic areas of risk and network threat.