Badly configured networks are one of the biggest causes of data breaches according to a majority of IT security professionals.
Some 76% of IT professionals polled at the Defcon 18 hacking conference in Las Vegas said badly configured networks are the easiest IT resource to exploit.
About three-quarters of networks are vulnerable to attack because they are not properly configured, the survey by security firm Tufin revealed.
More than half of respondents said misconfigured networks were caused by IT staff not knowing what to look for when assessing network configurations.
Other factors to blame are insufficient time or money for audits (18%), compliance audits that do not capture best practice (14%), and threats that change faster than they can be addressed (11%).
"The really big question coming out of the survey is: how to manage the risk that organisations run dealing with the complexity that is part and parcel of any medium- to large-sized company's security operations," said Reuven Harrison, chief technology officer at Tufin.
Automating configuration and security management is the best way forward to solving this problem, he said.
With 75% of respondents calling themselves hackers, Harrison said that network managers need to "sit up and smell the coffee" on the fact that network misconfiguration is now a primary security issue for their IT staff.