The main IT challenge that many organizations face is simple: Cybercriminals continue to get better at what they do. In addition to being smarter and better funded, they’re also more organized. Indeed, a lot of the cybercrime we see today is carried out by organizations that are run like businesses, with clear hierarchies and solid training for well-paid employees.
Security experts who spoke earlier this year at the CDW Managing Risk Summit in Washington, D.C., warned that cybercriminals wield sophisticated techniques and tools to invade the IT systems of organizations of all types and sizes. Fortunately, defense solutions are evolving as well. Organizations looking to protect their data and applications are turning to a variety of strategies and solutions.
The Right Mix
Experts at the summit stated that the most effective approaches to security balance several different solutions. Further, they focus not only on preventing breaches, but also on detecting successful attacks and responding to minimize the damage and speed up recovery.
Speakers at the summit identified network traffic monitoring as a reliable way to detect intruders. Network traffic analysis solutions observe connections, flows and objects on a network for signs of nefarious activity. Once normal patterns have been identified, abnormal traffic can be subjected to greater scrutiny. This provides security personnel with a way to spot and deal with suspicious traffic on their networks.
Sadik Al-Abdulla, director of security solutions with CDW, described network segmentation as a key method of protecting critical resources. This strategy requires network administrators to create, within an enterprise network, subnetworks that contain only the resources to which specific users have legitimate access, separating them from other devices. Segmentation limits the access unauthorized intruders may have to systems and data, even if they successfully breach the network perimeter. It also minimizes their visibility into the network, protecting enterprise data while blocking attackers from moving laterally across the network.
“The fundamental necessity here is segmentation,” Al-Abdulla said. “Those devices have to be separated.”
Several summit speakers identified browser-based assaults as a leading attack vector. Organizations can limit the damage caused by web-based malware by isolating users’ internet browsing sessions from endpoints and networks. Safely isolating the browsing function effectively prevents malware from installing itself on the end user’s system, removing one of IT security’s weakest points.
A common theme at the summit was that security is a process, not a collection of products and services. To achieve the highest possible level of protection, it’s important to maintain a focus on security throughout an organization. This includes providing periodic security training for end users, accompanied by testing to make sure they’ve been paying attention. “The more we can educate people, the more they can be sensitive and a little bit paranoid, the better it is,” said Mike Waters, director of enterprise information security with Booz Allen Hamilton.
IT leaders also should consider maintaining a relationship with security experts who have the insight and resources necessary to identify the latest threat trends and recommend appropriate countermeasures.