About Juniper

Press Releases

Web-Based Security Concerns Still Linger in Asia Pacific Despite Investments in Emerging Networking Technologies: Ponemon Institute Report

On Average, 55 Percent of Organizations Surveyed in the Region Still Prioritize Point Solutions Over a Holistic Approach to Managing Cyber Security Threats

SINGAPORE, April 4, 2013 - Juniper Networks, the industry leader in network innovation, today announced the findings of a new Ponemon Institute report, which revealed that IT and IT security practitioners in Australia, China, India and Japan were the most concerned about web-based cyber security threats and denial of service attacks.

Commissioned globally by Juniper Networks, the Efficacy of Emerging Network Security Technologies study sheds light on organizations’ use and perceptions about emerging network security technologies and their ability to address serious security threats. In this report, Juniper Networks uncovered key concerns and security threats that 2,054 IT and IT security professionals in Japan, China, Australia and India encounter at their companies on a daily basis, with theft of their organizations’ intellectual property being one of the top concerns that keep them up at night.

News Highlights

Organizations in Asia Pacific are witnessing a growing sophistication of cyber attacks and a changing threat landscape. These challenges are forcing companies to invest in emerging network security technologies. However, respondents in Australia, Japan and India confirmed that they have experienced at least two security breaches in the past 12 months. Furthermore, 47 percent of them agreed that emerging network security technologies are not effective in minimizing attacks that aim to bring down web applications or block unwarranted Internet traffic.

Perceptions about emerging network technologies

  • Securing web traffic is the biggest security concern plaguing the IT sector, revealed 64 percent of respondents in Australia and India, 61 percent in Japan and 59 percent in China.
  • Despite the rise of external attacks that call for more comprehensive and holistic security technology investments, the study shows that 55 percent of the companies surveyed still continue to focus on the inside-out threat.*

Network security posture of participating organizations

  • The security posture of Australian organizations surveyed was rated the lowest at 4.5 (based on a scale of 10 being very effective), while that of China was rated the highest at 5.3. Similarly, Chinese and Japanese respondents rated their organizations better (a rating of 5.0 and above based on a scale of 10 being excellent) in detection and prevention of cyber attacks than those in India and Australia.
  • Organizations in Asia Pacific recognize the need to attract competent and skilled security professionals in the industry, especially because 52 percent of the respondents believed that emerging network security technologies used by their organization are dependent upon in-house personnel who possess the knowledge and expertise to operate them effectively.
  • The lack of system connectivity/visibility, malicious insider risk, mobile devices (such as smart phones and tablets) and cloud computing infrastructure/providers are perceived as the greatest risks to network security and threaten their network security posture. On the other hand, respondents were least concerned about the effects of network server environment, data centers and lack of organizational alignment.

Efficacy in addressing network security risks

  • One in two respondents say their organizations use emerging network security technologies to heighten visibility to applications and the use of cloud services.
  • Intrusion Prevention System (IPS) and firewalls are considered the most effective features in the security control of the organization’s network.
  • Over 40 percent of respondents in Japan, Australia and China believed blocking of IP addresses in an effective security measure. Interestingly, 63 percent of respondents in China believe it is effective.

To effectively secure data centers Juniper Networks believes companies must have knowledge of the attacking devices, not just the IP address, and quickly disseminate that intelligence across the data center and into the network. Juniper Networks can deliver this intelligence through its Junos® Spotlight Secure global attacker intelligence service, which acts as the consolidation point for attacker and threat information, feeding real-time intelligence to Juniper’s security solutions. The first products to leverage Spotlight Secure security intelligence are Junos WebApp Secure and Juniper Networks® SRX Series Services Gateways.

Supporting Quotes

Juniper Networks

“Companies spanning several industry sectors are investing in emerging technologies, as well as in the personnel and expertise needed to manage and maintain them. However, it is intriguing that firms can feel confident in their security technology investments and their people, yet still believe that their networks face great risks. The biggest threats are those originating outside the network perimeter, taking the form of new variations on botnets, Distributed Denial of Service (DDoS) attacks and SQL injections, which simply put, is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. Clearly, companies need to renew their focus on zero-day defense and review their security investment weighting, to assess whether the areas of greatest risk are getting commensurate attention.”

- Doug Murray, senior vice president, Asia Pacific, Juniper Networks

Ponemon Institute

“Respondents in Australia, China, India and Japan share common challenges in securing their organizations’ networks such as web-based attacks and denial of service attacks. It is interesting to observe that despite being armed with emerging network security technologies, organizations in Asia Pacific find themselves to be sitting ducks for external threats. Organizations need to reflect on the shortcomings of their existing inside-out approach and seriously consider investing in a more comprehensive and holistic approach to network security in order to keep pace with a constantly evolving threat landscape.”

- Larry Ponemon, Ph.D., Chairman and Founder, Ponemon Institute

Additional Resources:

About Juniper Networks

Juniper Networks (NYSE: JNPR) delivers innovation across routing, switching and security. From the network core down to consumer devices, Juniper Networks' innovations in software, silicon and systems transform the experience and economics of networking. Additional information can be found at Juniper Networks (www.juniper.net) or connect with Juniper on Twitter and Facebook.

About Ponemon Institute

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

Juniper Networks and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks and Junos logos are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

* The inside-out threat is about devices that sit inside the network that become infected and consequently used as a vector for data exfiltration. This is less about unwitting or malicious insiders and more about nefarious inside traffic resulting from the use of risky apps that lead to device infection and data loss.