SANS Institute says organisations may be missing security problems caused by hidden implementations of IPv6 technology

Johannes Ullrich, the institute's research officer, said that one of the problems is the accidental implementation of IPv6. You may, he says, already have IPv6 on your network without knowing about it or configuring the technology.

As reported previously, IPv6 is designed to beat the numbering issues that users of the older IPv4 standard are now encountering, and offers a 128-bit address range.

Some sources have been predicting for some time that the current IPv4 numbering system is likely to be exhausted within two years.

According to Ullrich, Windows 7, OS X and Linux enable IPv6 by default and, during the last round of operating system updates, the technology has tended to be turned on by default.

The institute's research officer adds that devices running Apple's iOS, such as the iPhone, as well as some Google Android devices, also come with IPv6 enabled by default.

Ullrich argues that the growth of mixed IPv4 and IPv6 networks – in some cases without the knowledge of IT security teams – can introduce a variety of potential security risks.

"Attacks designed to exploit IPv6-enabled devices could also be missed by intrusion detection systems that have not been correctly configured to deal with IPv6 traffic", he explained.
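A host-level check for the unnoticed IPv6 described above, as an added example that is not part of the original article: it parses the Linux `/proc/net/if_inet6` table and lists every non-loopback IPv6 address per interface. The sample table is constructed, and the function names and the `approved_ifaces` parameter are illustrative assumptions.

```python
import ipaddress
from pathlib import Path

# Scope codes used in the fourth column of /proc/net/if_inet6 (Linux).
SCOPES = {0x00: "global", 0x10: "host", 0x20: "link-local", 0x40: "site-local"}

# Constructed sample in /proc/net/if_inet6 format
# (2001:db8::/32 is the documentation prefix, not a real network).
SAMPLE = """\
00000000000000000000000000000001 01 80 10 80       lo
fe80000000000000021122fffe334455 02 40 20 80     eth0
20010db800010002021122fffe334455 02 40 00 00     eth0
"""

def parse_if_inet6(text):
    """Yield (interface, address, prefix_len, scope) for each table row."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip blank or malformed rows
        raw, _ifindex, plen, scope, _flags, iface = fields
        addr = ipaddress.IPv6Address(int(raw, 16))
        yield iface, addr, int(plen, 16), SCOPES.get(int(scope, 16), "unknown")

def unexpected_ipv6(text, approved_ifaces=()):
    """Map interface -> [(address/prefix, scope)] for IPv6 nobody signed off on."""
    findings = {}
    for iface, addr, plen, scope in parse_if_inet6(text):
        if addr.is_loopback or iface in approved_ifaces:
            continue
        findings.setdefault(iface, []).append((f"{addr}/{plen}", scope))
    return findings

if __name__ == "__main__":
    # Use the live kernel table when present, otherwise the constructed sample.
    table = Path("/proc/net/if_inet6")
    text = table.read_text() if table.exists() else SAMPLE
    for iface, addrs in unexpected_ipv6(text).items():
        for cidr, scope in addrs:
            print(f"{iface}: {cidr} ({scope})")
```

A link-local address on its own shows the IPv6 stack is live on that interface; a global address means the host is also reachable over routed IPv6.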

Ullrich says he believes that organisations have failed to grasp the full impact of a move to IPv6 or the amount of time needed to plan, test and secure any migration strategy.

"Many organisations will look at their own networks and not see a big problem staying on IPv4", he said.

"But say you need to connect to a supplier network in China and they have been forced to move to IPv6 due to their running out of addresses, your organisation may have to switch over very quickly", he added.

It's against this backdrop that Ullrich believes that it will take at least a year for larger organisations to move over to IPv6.

Although most modern routers and switches are IPv6 capable, he says, supporting SIEM, IDS, IPS and monitoring tools will need some degree of reconfiguration.

The application layer, he explained, is more problematic, which he says means that the IPv6 migration issue is comparable to the Y2K problem of a decade ago.
