WHY PERIMETER-BASED DEFENSE DOESN’T WORK
You do still need a perimeter-based defense system. Firewalls, endpoint protection solutions, and two-factor authentication are all necessary to ensure intruders cannot easily access your network and break into your systems.
But perimeter defenses are based on the idea that you can protect your important data with successive layers of defense. This used to work in a centralized, managed-device network, but those kinds of networks are becoming increasingly rare. Cloud networks, mobile and remote work, and global enterprises require networks that are adaptable to new business requirements. But with this requirement comes the need to build additional new controls into your cybersecurity strategy.
BUILD YOUR SECURITY FOUNDATION
In 2019, a great place to start your new cybersecurity strategy is from a device-level, bottom-up perspective. The days of you being able to protect your data from a centrally controlled location are over. You need to be ready to use some of the traditional methods—such as firewalls and intrusion prevention systems—in ways that leverage next-generation and innovative new versions of these products.
Applying these controls based on the context of the node or device being used (such as a smartphone or other BYOD – Bring Your Own Device) will allow your company to adapt as new technologies for cybersecurity and cyber attacks evolve.
THE BEST DEFENSE IS A GREAT OFFENSE
An important aspect of a great cybersecurity strategy is an offensive take on security. Building higher and higher walls is merely asking intruders to challenge your system defenses and find the weakest links.
Along with your defense barriers, you want a dedicated team to threat hunt and be on the lookout for new attacks. These members of your IT department continuously research new methods of attacks and watch for potential breaches in vulnerable or high-value targets.
Simultaneously, “pulse” your security systems and put your defenses through their paces to see how they react to threats. Practice with mock phishing email attacks or potential breach methods. When done in controlled ways by your allies (i.e., your IT department or a hired security Red Team), you can locate potential vulnerabilities before they are exploited by malicious attackers.
INCIDENT RESPONSE PLAN: AGENCY TO ACT
Without a robust incident response plan as part of your cybersecurity strategy, you run the risk of employees not knowing what to do when a data breach does occur. By assuming an attack will happen eventually, and preparing your IT department as well as all necessary employees in other related departments, people will be trained so they will know exactly what to do.
When a breach occurs, speed is of the essence. The difference of a few minutes or hours can mean a deeper infiltration of the intruder—and possibly more data exfiltration or destruction. By preparing your team with role-based processes for what each person should do, and letting them practice, you’re preemptively minimizing any damage that potentially can be done.
Ideally, you won’t need any of these plans and your cybersecurity strategy will keep you safe from attacks. Unfortunately, that’s not the reality of today’s digital systems. With a solid strategy in place now, your company will be vigilant and know that, even when an attack occurs, the damage will be minimal, the breach will be contained, and your company will go on.
That said, there is a clear sense among companies and IT professionals that network security must continue to change with the times. Cyber threats are becoming harder to trace and tackle – meaning that network security technologies and strategies need to be just as sophisticated.
For more information contact us at: info@cherubas.com or call (407) 416-7955