EMEA firms lagging behind US in firewall management & innovation

News by Jay Jay

Recent attacks highlight the importance of firewall management, the continuous monitoring of open ports and what firms need to do to prevent similar incidents from occurring in the future.

Earlier this month, the Taiwan Semiconductor Manufacturing Co. (TSMC), the world's largest manufacturer of computing chips - which recently announced that it would enhance its capital budget by £3.47 billion to significantly expand its production - suffered a virus outbreak that forced it to shut down several factories and computer systems.

The virus outbreak took place during the installation of a third-party software in the firm's computer network. The software required security teams to open ports in firewalls and as soon as a port was 'unscrewed', a virus hidden inside the software quickly spread across the network, thereby forcing the emergency shutdown which may impact the firm's third-quarter revenue by about three percent.

This incident highlights the importance of firewall management, the continuous monitoring of open ports and what firms need to do to prevent similar incidents from occurring in the future says Paul Clark, regional manager for Northern Europe at FireMon. He adds that companies are aware of how critical firewalls are to ensure data security, but what's essential for firms is to implement basic firewall management that includes policy compliance, audit readiness, and firewall rule optimisation.

The new 2018 State of the Firewall report released by FireMon notes that even though 94 percent of firms across the globe view firewalls as critical as ever or more critical than ever and nearly one-fourth of them allocate more than 25 percent of their total network security budget to firewall technology, firms based in the EMEA region (Europe, Middle East and Africa) are lagging behind their counterparts in the United States when it comes to firewall management and innovation.

According to FireMon, firewall management in the EMEA region is marred by "chaos and confusion", that only seven percent of cyber-security professionals in the region view firewall services as high value, and a third do not know who is responsible for cloud operations in their organisation.

In comparison, 48 percent of cyber-security professionals in the US view firewalls as high-value resources, 83 percent of them know who is in charge of cloud operations in their organisation, and they are also more likely to use third-party firewall solutions in their cloud environments compared to those in the EMEA region.

What's more, cyber-security professionals in the US also trump those in the EMEA region when it comes to using Software-Defined Networking (SDN) or virtualisation. Figures released by FireMon show that only 24 percent of security professionals in the EMEA region are likely to use SDNs and 33 percent of them are likely to use virtualisation solutions compared to 44 percent and 57 percent in the US respectively.

"It’s clear certain organisations in EMEA aren’t aware of the risks of firewall failures in cloud environments. Overall, US businesses tend to be more aware of the risks. From a cloud perspective, we can reference a breach routed in a third-party cloud environment that did not follow the same policy as the on-premise environment," said Clark.

He added that EMEA businesses are probably working with the cloud in a very piecemeal way as their main priorities are reducing compliance issues and increasing the chances of a cloud project being given the go-ahead. Considering that firewall solutions will continue to be used with next-generation architecture with as much vigour, firms need to enhance their firewall management abilities to prevent malware from invading computer systems.

A reason why many companies are not able to effectively manage firewalls, according to FireMon, is that IT security teams at more than one-fourth of them have to monitor 100 or more firewalls on their network, 33 percent have to manage between 10 and 99 firewalls, and 16 percent of companies process more than 100 change requests each week.

"The only way to enforce consistent access policies across the enterprise is by implementing intent-based security. By decoupling intent from implementation, organisations can ensure continuous compliance with enterprise security intent that’s preserved as the network evolves," said Satin Mirchandani, CEO of FireMon.

Commenting on the Firemon report, Antti Tuomi, principal security consultant at F-Secure, told SC Magazine UK that he does not agree with FireMon's assessment that EMEA firms are lagging behind those in the US  in firewall management and innovation as certain firewall terminologies are bound to be misunderstood.

"Firewalls are generally considered one of the very basics of security: ask any engineer what comes to mind when you say the word "security", and they will likely respond that it’s anti-virus, firewalls, or encryption. It’s also very unlikely that European organisations would not have firewalls in place for their services or exercise caution when managing their firewall rules. There are, however, some differences when it comes to regulations and some of the findings might be down to the vocabulary used.

"In cloud environments such as AWS, when you start a new computing instance (which is pretty much the same as a virtual machine), you have to define a "security group", which controls what ports on the instance can be reached from the Internet. This is not explicitly called a firewall, yet the effect is, in practice, the same.

"The same goes for all networking-related features: if you define a new VPC (virtual private cloud) network and add a route to the Internet, or even just use an ELB (elastic load balancer), you are effectively using software-defined networks, even if the names do not indicate that," he said.

Tuomi added that cloud adoption in Europe is not as smooth as in the US as EU laws and regulations regarding privacy, the geographical location of data, etc might be more of a hurdle in deploying applications in cloud environments, most of which are controlled by US companies and/or geographically located in the US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews