These results paint an emergent picture of the security posture of most organizations today. Businesses and networks of all sizes have deployed solutions that are effective at detecting known threats. Stated another way, these solutions are not successful at spotting unknown threats, or the "black swans" of security. And if we further consider that the biggest threats are those originating outside the network perimeter, taking the form of new variations on botnets, DDoS attacks and SQL injections, we can understand why networks are sustaining continued breaches despite having the latest protections on hand. In fact, respondents in Asia Pacific had on average experienced two security breaches in the last year.
There are several valuable takeaways from the findings of the Ponemon report. Most importantly, there is a clear need for renewed focus on zero-day attack defense. As security practitioners, we have to review our security investment weighting to assess whether the areas of greatest risk are getting adequate attention. Given the survey results, it seems that firms are addressing only half of the threats against them -- those originating from within networks and those that leverage known exploits.
Organizations have options beyond settling for partial defenses. Methods that extend known signature and pattern matching are joining the ranks of "emerging" network security and are poised to layer onto and evolve the IP-only methods already installed. These new technologies leverage device identification, big data analytics and broad-based intelligence sharing. They are making security enforcement more effective by quickly detecting and shutting down unknown threats and attackers, often within seconds of emerging and before a breach has occurred.
Douglas Murray is senior vice president of Asia Pacific, Greater China and Japan at Juniper Networks. Prior to this role, he held various senior management positions at Extreme Networks, Sun Microsystems and AT&T.