Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

The sneaky security risk of overprovisioning the network

By Mary Roark
shield-cyber-freepik1170.jpg
December 13, 2021

At the start of 2020, businesses set out to execute on the well-laid, carefully thought out plans they’d spent months developing. But just a little over three months into the year — those plans suddenly became void. The pandemic was a massive disruptor to the seemingly airtight 2020 strategies, and enterprises had to quickly pivot to make sure they were able to continue providing service to their end users. The network, a crucial tool for enterprise connectivity, became even more of a foundation for business continuity in the new remote reality. To manage unprecedented demand on the network, IT teams took to overprovisioning — adding additional capacity to the network — as a quick fix to maintain connections between employees, stakeholders and customers.


Network overprovisioning isn’t new; rather, it’s a common tactic used by IT teams to ensure performance is maintained throughout periods of unpredictable demand or network failures. Given networks act as critical infrastructure for businesses, even before remote work became the norm, overprovisioning was commonly used to maintain network continuity and ensure business continuity. Often, the cost associated with overprovisioning is much less than any potential losses due to network downtime. And within certain industries, those losses are beyond what could be measured from a monetary perspective. Take healthcare, for example; any issues in communicating with other providers or not being able to access certain information could be detrimental to a patient’s health and welfare. Regardless of whether the services are mission critical or not, network downtime or slowdowns can massively impact the quality of end-user experience.


The state of overprovisioning


Recent research looked at the current state and perception of overprovisioning, asking 500 U.S.-based enterprise IT teams about the practice and found that 67% of respondents — more than two-thirds — overprovision in an attempt to quickly counteract performance issues rather than address the root cause of performance degradation. Unfortunately, this can have dire consequences for businesses from a security standpoint since overprovisioning increases the attack surface and makes networks more vulnerable to bad actors. And with ransomware attacks, breaches and security issues doubling throughout 2020 (not to mention, the costs associated with managing them are higher than ever before), a common practice that increases these risks shouldn’t be the “go-to” fix. It seems that IT teams know this: as shown in the infographic below — almost three-fourths of respondents (72%) noted that security is their biggest concern when it comes to overprovisioning, and 62% believe their network vulnerabilities increase when they do so. So if the awareness is there, why are teams still turning to overprovisioning?



Copy-of-Infographic-pull-out-for-Social_2.png

Copy-of-Infographic-pull-out-for-Social_3.pngImages courtesy of Accedian


Be smart about network traffic.


The same research found that the challenges facing IT teams in addressing the issue centered around not having enough time (40%) and not having the right tools (36%). This makes sense; managing a potential traffic influx can be massively time-consuming, particularly without the right technology to help. Without this support, overprovisioning might seem like the only option to maintain service levels and ensure profits aren’t hit hard by degradations or downtime. But with the security risk greater than ever (and IT teams fully aware of this!), enterprises need to find another solution. The good news is that the right technology can help. 


Think about network traffic like physical traffic. When highways become too congested, and traffic backs up, the first approach to fixing it might be to build more lanes. For a while, this might work. But soon enough, the increased supply will lead to increased demand; more cars will use these new lanes, and before you know it, it’s back to heavy traffic. Instead, more infrastructure teams are turning to adding smart technology — using sensors and algorithms to understand traffic patterns, proactively identify potential bottlenecks and reroute individuals as needed.


The same should be said for the approach to fixing network traffic. Smart monitoring technologies can ensure traffic flows smoothly, any impending risks are flagged proactively, and that security stays a top priority. The good news is that these solutions exist, and yet more than half (54%) of respondents reported not having network monitoring tools in their tech stack. That means it’s just a matter of education. 


Lessons learned for 2022

We’re heading into the last few months of 2021, and enterprises are undoubtedly making plans for 2022. The biggest lesson learned from the past two years is to expect the unexpected and prepare your tech stacks for what might come. Businesses don’t know for sure what the next year will look like; what they do know is that maintaining enterprise connectivity and security is possible with the right tools. With the right network monitoring solution, overprovisioning, like other parts of 2020, can be something we finally leave behind as we enter the new year.

KEYWORDS: cyber security information security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Mary Roark is a cyber security thought leader. With over 30 years of technology experience, she serves as the VP of Cybersecurity Strategy at Accedian. She holds a CISSP certificate and has been an evangelist across various areas of security while at RSA Security, Sophos and security start-ups.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Man with suitcase walking toward sunrise

    Network security implications of the Great Resignation

    See More
  • blurred keyboard with wavy lines

    The impact of quantum computers and IoT devices on network security

    See More
  • SEC1219-cybergap-Feat-slide1_900px

    Cellular Connectivity at the Forefront of Network Security

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing