[BreachExchange] Five network security deficiencies endangering your corporate data

[Inga Goddijn]

https://www.itproportal.com/features/five-network-security-deficiencies-endangering-your-corporate-data/

The adoption of cloud technologies is rapidly becoming a priority for
businesses, with the UK business adoption rate already at 88%
<https://www.cloudcomputing-news.net/news/2017/dec/19/2018-cloud-trend-return-premises-solution/%20>.
Increased agility, reduced cost and easily accessible data are at the heart
of why businesses have been jumping towards the cloud, keen to profit from
the many advantages it has to offer. While more and more sensitive company
data is being moved into the cloud, the security of that data has become a
critical issue for organisations in many industries.

Barely a week seems to go by without news of another cyber-attack hitting
the headlines, prompting businesses to invest heavily in next-generation
technologies in an attempt to protect their infrastructure and keep their
confidential data secure. In fact, Gartner has forecast that worldwide
enterprise security spending <https://www.gartner.com/newsroom/id/3836563>
is set to reach $96 billion in 2018, up 8 per cent from last year.

One such technology that plays a key role in securing the organisation are
network security policies.  These rules ensure that only the right people
have the right access to the right information, putting the organisation in
the best possible position to prevent breaches from occurring.

However, there are several common pitfalls that businesses can fall foul of
when implementing their security policies. Here are five of the most
prominent that could be leaving your business vulnerable to cyber-attacks.
1. Having poor visibility over the network

Arguably one of the biggest mistakes a company can make when configuring
network security policies is to attempt to put policies in place without
first gaining full visibility of the network.

Today’s enterprise networks are vast and complex, and organizations often
struggle to gain full visibility. This hinders the ability to put strong
policies in place. This is also the case when making necessary changes to
those policies across the entire network. For example, if one policy is
changed it might have the knock-on effect of reducing security somewhere
else. By incorporating a centralised solution that looks across the whole
technology architecture, staff can manage all corporate policies through a
single console and see the potential implications of policy changes before
they are made.

To put it another way, you can’t manage what you can’t measure – so start
with visibility.
2. Not aligning network security policies

This one may sound obvious, but having network security policies in place
is self-defeating if they inhibit the business they were intended to help
protect in the first place.

Businesses are sensitive to the fact that they need to comply with measures
to protect critical assets, but if that prevents them from using the
applications essential to getting the job done, they will find ways around
these policies.  The solution is to provide visibility into how application
connectivity is maintained in coordination with underlying network security
policies.  This approach ensures that the business and security teams are
always in sync and aligned to the end goal. From a management point of
view, businesses need to have visibility into their application connections
in order to understand the effect that could accompany any network policy
changes and their impact.
3. Leaving open vulnerabilities

Today’s cyber-attacks are becoming more sophisticated than ever before and
new variations of both known and unknown threats are being discovered at an
alarming rate.

For example, 18 million new malware samples were discovered
<http://www.pandasecurity.com/mediacenter/pandalabs/pandalabs-q3/> in Q3
2016 alone – equal to 200,000 per day – and ransomware attacks on
businesses reportedly
<https://securelist.com/kaspersky-security-bulletin-2016-story-of-the-year/76757/>
increased three-fold between January and September 2016.

This means organisations must keep their network policies up to date by
carrying out regular patches and system analysis, which requires a
centralised management system that looks across the whole IT environment.

Hackers are constantly on the lookout for vulnerabilities, meaning no
company - irrespective of size of industry focus - can afford to leave
holes unplugged.
4. Creating inflexible policies

Striking the right balance between security and convenience is not an easy
task, but key to ensuring policies are adhered to. Any procedures that
significantly hinder an organization’s agility or an employee’s ability to
do his or her job will likely result in them being overlooked or ignored.

The other danger is that staff will find a workaround, which can
potentially have serious security and compliance implications. This is when
‘shadow IT’ comes into play, where employees use  applications at work
without the company’s knowledge or control - according to one poll
<https://www.spiceworks.com/marketing/state-of-it/report/>, 78% of IT pros
said their end users have set up unapproved cloud services – each of which
can represent a potential unmanaged risk.

It is therefore essential that organisations have tools in place that allow
them to easily adhere to and manage security policies. Anything that forces
people to drastically change the way they work, or results in an
organization’s lack of agility, is counterproductive. Increased security
interwoven with business agility is the ultimate goal.
5. Not embracing automation

As complexity in virtually all areas of network security and compliance has
increased, automation has grown to become a central component. There are
now simply too many change requests to increasingly diverse networks for
security teams to keep track of manually, leading to human error and
increasing the exposure of the business. The role of automation is now not
only a possibility but an essential tool for keeping pace with this degree
of change and complexity.

Finally, automation also has a key role to play in network security policy
management and continuous compliance. Policy-driven automation ensures that
an organization is compliant with internal and industry guidelines at any
given point in time.  However, it also means that the control plane can be
adjusted at policy level and then implemented immediately across the
network, further lifting the security level when required through
adjustment, and delivered as a business-as-usual task. By connecting
security to operations in this way, companies can vastly improve their
resistance to constantly evolving threats. This is a critical point in
making a tight security posture a reality all the time, rather than
“better” for a moment in time.

With a shortage of skilled IT professionals, and a dependence on the work
they do, these teams tend to be stretched on a day-to-day basis within
their organisations by mundane administrative tasks below their paygrade.

A comprehensive network security infrastructure should therefore look to
policy-based automation in order to reduce complexity, increase visibility
and free up resources to focus on more complex tasks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180610/b5ecf0a1/attachment.html>