A  survey conducted by Bricata, a network security company, found 64% of security professionals said network security is getting harder and a fifth of all respondents it is getting significantly harder. 

That’s probably not surprising, but what’s more important is understanding “Why?” and twenty-nine respondents gave answers as to why security is getting harder. 

Here are those answers.

1) Attacks are more sophisticated.
Spending and awareness at the executive level continues to grow, however attacks and exploits are becoming increasingly more advanced and difficult to defend or protect from.
2) More vectors of attack. 
The risks to networks have become more significant from other attack vectors than a specific network intrusion. Some of those vectors are becoming harder to manage, can affect networks, but I wouldn’t refer to them solely as network security issues.
3) Organic network sprawl.
More things keep getting added to the network and more computer systems proliferate throughout offices with more vulnerabilities.
4) Business acquisitions and cloud add to the network.
Acquisitions have made it more challenging. Supporting both AWS and Microsoft Azure cloud services also testing our support limits as development rushes into this space headlong. Where responsibilities moved from a traditional hardware stack to Amazon Web Services (AWS). Network security in AWS is a whole new ballgame to learn.
5) Zero trust. 
The perimeter is now fluid. With the onset of mobile devices, IoT and remote workforce, end users are requiring access from anywhere, at any time with the same functionality provided from an office workstation on the network.
And there have more deep hackings into previously thought solid safe spaces.
6) Lack of network visibility.
It’s due to moving services to clouds and using end-to-end encryption, it is not easy to see what is going on there.
7) Threat actor collaboration.
The bad guys are working together more than us good guys.
8) Training hasn’t kept pace with attacks.
It doesn’t feel like training or education is keeping pace for defenders with what attackers are capable of doing.
9) Hackers have tools too.
Hackers are using more complex and comprehensive tools and internal users are seemingly less aware of what they do to reduce protection.
10) Third-party and supply chain threats.
There is an increase in threats from third-party networks and IoT devices.
11) Ransomware variants. 
Ransomware variants are growing, and threats are evolving.
12) User error and complacency. 
Still having issues with user errors; challenges of attacks are getting more sophisticated.
Threats are not going away, and people are becoming to a point more complacent.
13) Security is playing catch up.
We are playing catch up because security wasn’t a priority with this company until recently.
14) State-sponsored attacks.
An increase in threats, state-sponsored attacks.

Source: Cyber Security Intelligence