Are you prepared to defend your network?
Just as employees expect to work in a physically safe space, they also expect that their digital work is taking place on a secure network. They want to feel that their hard work crunching company data will be protected from hackers seeking to steal or manipulate the information, and they want to be able to trust that the files they receive from their coworkers are safe. IS professionals are the knights tasked with protecting their companies’ digital realms from invaders to ensure a safe working community.
Years ago, the work of network security was likened to building a moat. By pairing software applications and hardware devices, such as firewalls and secure routers, IS professionals can build a protective barrier around a company’s computer network. However, as technology has evolved and networks have expanded to include remote employees working on mobile devices, laptops and tablets on Wi-Fi networks equipped with varying levels of security, the borders of network territories are changing and blurring. The number of potential network entry points has multiplied, requiring IS professionals to find new ways to defend these extra doors and protect company information from unauthorized access and modification, misuse and theft.
But protecting the borders is not enough. According to IBM, 60 percent of cyber attacks in 2015 were launched from the inside. Hackers can quietly enter a network and sit dormant for weeks before launching an attack. In this case, the threat is coming from the inside, not the outside. Attacks also can be launched by ill-intentioned employees or even customers, vendors or other partners who have access to a company’s network.
However, sometimes the cyber attacks happen unintentionally when a user clicks on a bad link or downloads an infected file without realizing that he or she is giving a hacker access to a network. In the case of bring-your-own-device networks, workers may store company data on unsecure devices, which leaves the information open to attack, IBM points out. IBM’s latest research notes that two-thirds of record breaches in 2017 resulted from accidental insider threats — a third of which were the result of spearfishing.
To defend against these threats, cyber security experts advise that organizations convert to a zero-trust network. The guiding principle of a zero-trust network is to never blindly trust any activity but to instead verify that it is a safe practice. According to Palo Alto Networks , this enables IS specialists to detect lateral threat movement within a network and set up sub-perimeters to monitor and stop attacks within a network.