TMCnet News

Current ACFW's Leave Gaping Holes in Enterprise Operational Efficiency Metrics
[April 18, 2024]

Current ACFW's Leave Gaping Holes in Enterprise Operational Efficiency Metrics

AUSTIN, Texas, April 18, 2024 /PRNewswire/ -- SecureIQLab LLC, the premier cloud security validation provider, today announced the release of the findings of their ground-breaking 2024 Advanced Cloud Firewall (ACFW) security validation report. Unlike tests from any other organization, SecureIQLab combines security efficacy metrics with operational efficiency assessment metrics which are critical in securing and improving the overall security investment strategy for enterprises.

The findings demonstrate that operational efficiency should be very concerning to CISOs in particular, as they require highly efficient solutions that minimize complexity and can be effectively managed with minimal employee engagement. On average operational efficiency was 74%. Without the aid of the top four performing solutions, the average score would be a scant 63.9%

According to Phuong Nguyen, VP of Product Security, "CISOs need more than just security efficacy metrics, product costs, and support expenses. They need insights into the overall costs associated with the resource expenditures. Operational-efficiency metrics play a critical role in assessing factors that impact the ease or complexity of managing security products, thereby influencing human resource spending."

Tested vendors include Amazon AWS, Check Point, Forcepoint, Fortinet, Juniper Networks, Microsoft Azue, Netgate, Palo Alto Networks, SonicWall, and WatchGuard. The solutions were subjected to thousands of threats across multiple attack surfaces targeted across two dozen threat categories and evaluated for operational efficiency using twelve key metrics that Enterprises are focusing on.

While there were a few stand-out vendors, on the whole, security efficacy was dangerously low. The average security efficacy score is 67.18%; however, without strong performances by four vendors, that metric would barely surpass 50%.

SecureIQLab Chief Scientist Jayendra Pathak observed, "The pragmatic approach to cyber security must be viewed through the lens of risk management. As workloads have been moving in and out from cloud environments, it is essential for firewalls to enforce control and inspect such workloads, be it cloud-native or lifted from a data center and put into the cloud bucket. It's advisable that such workloads should be viewed from a risk management point of view rather than security efficacy. Risk management directly ties to operational efficiency provided by Advanced Cloud Firewall. This is due to the notion that understanding risk stemming from workloads, devices, and users helps organizations make better decisions due to the usage of such systems. This, in turn, helps organizations to become operationally efficient and focus on its core capabilities and business strategy.

Although the majority of the tested ACFW solutions performed well in some categories, only four of the tested vendors were able to deliver the security efficacy performance required in today's cloud-centric environment. We look forward to advancing the efficacy of ACFWs through advanced security validation testing."

Senior Security Analyst Randy Abrams added, "With the vast majority of data being stored in the cloud, and cloud misconfigurations being the most common cloud vulnerability, complexity in security solutions is a serious problem. Business continuity management and risk assessment and mitigation are the three most problematic areas of concern. However, security policy management is significantly concerning as well."

SecureIQLab is dedicated to advancing ACFWs to ensure they offer the essential protection and operational optimization required in modern cybersecurity environments. Full results of the comparative, as well as individual results of the vendor's ACFW solutions, can be found at Reach out to SecureIQLab for more information about the performance of cloud-based security solutions, as well as inclusion in future tests.

About SecureIQLab

SecureIQLab is a US-based independent, third-party cloud security solution validation and advisory provider. SecureIQLab's cloud security methodology is tailored to what enterprises want, blending research, risk management, and data modeling performed by our deep bench of domain experts. SecureIQLab is a member of the Anti-Malware Testing Standards Organization (AMTSO), NetSecOPEN, and the Association of Anti-Virus Researchers (AVAR).

Media Contact:
David Ellis
[email protected]

Cision View original content to download multimedia:

SOURCE SecureIQlab

[ Back To's Homepage ]