Moat and castle still top security strategy

April 14, 2005

M

any companies still rely on a "moat and castle" approach to network security, according to a survey of CISOs by Preventsys and Qualys. Fifty-two percent of the 50 Fortune 1000 CISOs surveyed by the vendors at a recent executive breakfast seminar series said they relied on traditional perimeter security.

Forty-eight percent said they consider themselves to be proactive when it comes to network security, which runs counter to the reactive perimeter-based approach, according to Qualys and Preventsys executives.

"These results highlight the need for large enterprises to improve their approach to managing security and really cover all parts of their network, not just the perimeter, so they can actually become as proactive as they aspire to be," Tom Kuhr, vice president of marketing at Preventsys, said in a statement.

The survey also found that 46 percent of CISOs spend more than a third of their day analyzing reports generated by their various security systems.

CISOs said their top concerns this year are protecting their networks from unknown threats and regulatory compliance. This follows on from another survey (as reported in SC Magazine) which found that companies are taking security policy implementation more seriously and making employees use harder passwords.