Professional services firms stuck in network security IT doom loop

A survey from Aryaka has revealed that not only are overstretched IT teams currently facing performance issues, growing security threats, and the complexity of too many suppliers and tools, their problems are about to get worse with artificial intelligence (AI).

The study, The state of network security in business and professional services, surveyed over 100 senior IT and infrastructure leaders working in the industry and looked at how IT leaders are balancing cloud agility, security visibility and risk through generative AI (GenAI). It noted that as business services organisations pivot toward digital-first operations – offering finance, legal, consulting and HR services delivered through the cloud and remote work – they face intensifying network and security demands. New attack surfaces are emerging, applications are decentralising and IT teams are being pushed to scale with limited resources.

In addition, it highlighted how professional services firms are grappling with significant new networking and security challenges as they transition towards digital-first operations. Specifically, as companies are increasingly delivering services through the cloud and ramping up software as a service (SaaS) adoption to support remote and hybrid work, such decentralised, complex, cloud-based environments are harder to secure than traditional environments, introducing a range of new attack surfaces.

Resource-constrained IT teams are struggling to protect apps and infrastructure in these settings, which can grow quickly in scale, while looking to ensure consistent service quality across cloud-native applications and client-facing platforms.

Survey respondents said their top strategic networking and security priority was improving application and SaaS performance (72%), followed by gaining network and security observability (68%), and simplifying operations and reducing IT burden (48%). These priorities, said Aryaka, underscore that the sector is optimising for user experience and operational agility.

However, the survey also found that day-to-day networking and security hurdles are making it difficult to accomplish these strategic goals.

Overall, complexity and staffing gaps have created blind spots for services firms that affect both performance and protection. When asked about top networking and security challenges, respondents identified securing SaaS and public cloud apps (66%); managing remote user access and latency (58%); operating with limited internal IT staff (54%); managing too many suppliers/support contracts (46%); and gaps in performance and threat visibility (43%).

To make matters worse, the survey noted, organisations were failing to prioritise edge security. Despite the rise of SaaS and remote work, only 38% of business services leaders view edge security as “mission-critical”.

Edge-layer protections – such as zero trust network access, secure web gateway and next-generation firewall technologies – were seen as often fragmented or under-deployed. Just over three-fifths (62%) of companies reported data leakage from SasS platforms and 49% reported unmonitored shadow IT activity.

“Professional services firms are under immense pressure to deliver seamless digital experiences while protecting an extremely sophisticated and decentralised environment,” said Ken Rutsky, chief marketing officer at Aryaka. “This survey confirms what we’re hearing from the market every day: IT teams are overwhelmed by SaaS technology sprawl, latency issues and managing disparate security solutions. At Aryaka, we’re helping these organisations modernise with a unified approach that simplifies operations, boosts performance and strengthens security from the edge to cloud and back.”

Deploying secure access service edge (SASE) offerings was seen as a way to solve these network performance and security issues by 44% of respondents who were planning to adopt SASE in the next 12 months.

Just over a third of business services firms were actively evaluating or implementing GenAI, well ahead of peers in manufacturing, transportation and logistics. However, the survey found that most teams were underprepared for the corresponding performance and security implications.

The survey also found budget, bandwidth and bureaucracy as the leading blockers to network modernisation. Some 39% cited budget limitations; 32% noted internal IT resource constraints; and 21% highlighted fear of disrupting legacy environments.

In a call to action, Aryaka said that to stay competitive, business service leaders should adopt four key pillars, namely: advance observability across cloud, SaaS and AI; secure the edge with zero trust controls; converge with SASE; and adopt flexible delivery models.