Years ago, the work of network security was likened to building a moat. By pairing software applications and hardware devices, such as firewalls and secure routers, IS professionals can build a protective barrier around a company’s computer network. However, as technology has evolved and networks have expanded to include remote employees working on mobile devices, laptops and tablets on Wi-Fi networks equipped with varying levels of security, the borders of network territories are changing and blurring. The number of potential network entry points has multiplied, requiring IS professionals to find new ways to defend these extra doors and protect company information from unauthorized access and modification, misuse and theft.
But protecting the borders is not enough. According to IBM, 60 percent of cyber attacks in 2015 were launched from the inside. Hackers can quietly enter a network and sit dormant for weeks before launching an attack. In this case, the threat is coming from the inside, not the outside. Attacks also can be launched by ill-intentioned employees or even customers, vendors or other partners who have access to a company’s network.
However, sometimes the cyber attacks happen unintentionally when a user clicks on a bad link or downloads an infected file without realizing that he or she is giving a hacker access to a network. In the case of bring-your-own-device networks, workers may store company data on unsecure devices, which leaves the information open to attack, IBM points out. IBM’s
latest research notes that two-thirds of record breaches in 2017 resulted from accidental insider threats — a third of which were the result of spearfishing.
As networks become more and more complicated and are bombarded by both outside and inside attacks, IS professionals have to institute a multifaceted approach to network security and keep a variety of shields and defense weapons in their armories. According to CSO
, these solutions can include
- access control
- application security
- behavioral tactics
- data loss prevention
- email security
- intrusion detection and prevention
- mobile device and wireless security
- network segmentation
- security information and event management
- web security.
Behavioral monitoring can be especially helpful with identifying threats. IS professionals need to know what their networks’ normal behaviors and application interactions look like so that they can spot anomalies, which often are signs of a cyber attack. This approach also offers an added benefit. Network behavior monitoring — coupled with analytics and machine learning — can help IS specialists unlock new efficiencies and address the gray areas of cyber security by fixing scenarios that are not totally bad but not totally good either. Michael Knapp
, director of sales engineering at Forcepoint, will share more information about this approach in his presentation “Putting the Human Back into Network Security
” on Wednesday, Oct. 17 from 11:30 a.m. to 12:20 p.m. at Cyber Security Atlanta.
Cyber Security Atlanta will take place Oct. 17-18 at the Georgia World Congress Center. Ticket info can be found here