A new report from security firm Sophos Group plc has found that information technology managers cannot identify nearly half of the traffic on their networks, representing a major risk to organizations and enterprises of all shapes and sizes.

The “Dirty Secrets of Network Firewalls” report, based on a survey of 2,700 IT decision makers in 10 countries and across five continents, was released today. It found that  IT managers cannot categorize 45 percent of their organization’s network traffic. Worse, nearly one in four cannot identify 70 percent of their network traffic.

Although those numbers may not immediately stand out as being bad, 84 percent of respondents said they agreed that a lack of application visibility is a serious security concern to their organizations. “Without the ability to identify what’s running on their network, organizations are blind to ransomware, unknown malware, data breaches and other advanced threats, as well as potentially malicious applications and rogue users,” the report noted.

Firewalls, usually the first line of defense in organizations, are said in the report to be mostly lacking in terms of providing adequate visibility into application traffic thanks to a variety of factors such as increasing use of encryption, browser emulation and evasion techniques.

“If you can’t see everything on your network, you can’t ever be confident that your organization is protected from threats,” Dan Schiappa, senior vice president and general manager of products at Sophos, said in a statement. “Improving network visibility is very difficult when network and endpoint security can’t directly share information. With governments worldwide introducing stiffer penalties for data breach and loss, knowing who and what is on your network is increasingly important. This dirty secret can’t be ignored any longer.”

Other takeaways from the report include organizations, on average, spending seven working days remediating 16 infected machines per month and 79 percent of IT managers polled saying they want better protection from their firewall. Nearly all, 99 percent, said that they want firewall technology that can automatically respond to isolate infected computers, while 97 percent want endpoint and firewall protection from the same vendor for more sophisticated and synchronized sharing of security information.

“Organizations need a firewall that protects their investment in business-critical and custom applications, and ensures employees have prioritized access to the applications they need to get their job done,” Schiappa added. “This requires a radically different approach to eliminating visibility gaps by having the firewall communicate with the endpoints to positively identify all networked applications – even obscure or custom applications.”

Image: Pixabay