Tufin Technologies bases its recommendations on research it has just carried out, which claims to show more than half of those responsible for IT security in large firms admit that their firewall is not safe from hackers.
And, said Tufin, a third of respondents to its survey revealed that they are exposed and left vulnerable due to everyday changes or updates to their firewalls.
Since the firewall changes often go unnoticed, Tufin said they can leave gaping IT security holes in company network perimeters that make them easy prey for the hacking and malware authoring community.
Tufin's research - which is based on system vulnerability interviews with more than 300 IT security specialists - found that 51% admit that, when their systems have crashed and the company has lost critical business downtime, it's usually because someone has made updates or changes to the firewall.
A third of interviewees blamed the IT security breaches that happen to their business on the changes to their firewall and systems, which often go undetected and get picked up by the hacking and malware authoring community who seem dedicated uncovering and exploiting the loopholes.
Michael Hamelin, Tufin Technologies' CEO, said that, when IT security mishaps do occur, 59% of IT security experts admit they hide them from their superiors - especially if it results in a negative IT security or compliance issue as it's just not worth the flack.
"Businesses being exposed to breaches, loss of information and revenue usually come down to people messing up, not noticing mistakes that have occurred and not having the tools in place to detect these mistakes or anomalies in the system", he said.
"As this survey has shown often the IT admin staff are over laden with work and under-resourced, leaving them exposed and afraid to admit their mistakes, as it could cost them their careers. We see this all too often once the horse has bolted and a hack or major breach has occurred."
In Tufin's survey, a quarter of IT security professionals admitted that they have rejected the best product on the market because they just couldn't stand the sales person who was selling the product to them.
With IT security compliance high up on everyone's agenda at the moment, almost half of the respondents in the survey also admitted that they have deployed products to meet compliance obligations even though they knew that it added no value to the company's IT security posture.
The survey also found that in the past six months over a quarter of IT security staff have been laid off, with a fifth admitting that this has impacted on their overall security posture.
"What does this tell you about the defences at most organisations? With three weeks to go to the holidays, now is the time to boost your organisation's defences against the hackers and malware authors who will be happily working over their mince pies during the break, breaking into your systems", said Hamelin.