How can a network be over secure? Isn’t that like having too much money or too much happiness? Well, not quite. There are many types of malicious attacks on networks every day. These attacks are getting more sophisticated and more diverse. Therefore, network managers are deploying more specialised security tools to defend against new and continued threats. With each new threat, comes a new defensive tool. Using a piecemeal approach to network security can actually create new vulnerabilities.
Growing Complexity of Security Tools
As new security tools are purchased, engineers need to be trained to deploy, manage, update and maintain these new technologies. They must be seamlessly integrated with the existing infrastructure without interfering with other tools.
According to a newly released report by BlackFOG, a cyber security firm, organisations in the US and UK are using an average of 20 tools to combat cyber threats. At the upper end, 22% of those surveyed are using more than 31 tools. The same survey also asked if these firms had the requisite skill set to support a new security tool. Of the respondents, 32% replied that their organisation lacked the skills to support a new product. The same research showed that 50% of the respondents had been prevented from adopting a new product due to integration issues with the legacy infrastructure.
Time Flies
As new tools are added, time and technology become an issue. When integrating new products into the network, it is important to analyse the performance and technology of existing tools. Are the legacy tools operating at the current version? How old is the current version? Can the legacy tools operate at the same speeds as the new tools? Will older tools impact the performance of the newer tools? Will the added complexity of numerous tools create delay or impact overall network reliability?
The answers to these questions are critical to the success of any project where new tools are added to the existing infrastructure. It is important to approach tool integration holistically and avoid focusing only on the specific threat being addressed.
Threat Landscape Analysis
Rather than directly responding to each potential specialised threat as information develops, it may be advantageous to proactively take a look at the entire threat landscape. A ranked analysis of potential threats and existing network defences may reveal some helpful information.
What are the odds of our organisation experiencing a serious cyber attack?
Some organisations are more likely than others to be attacked such as healthcare, government or finance.
Some countries are more likely to experience attacks. The UK is the most attacked country in Europe with 43% of all attacks.
Certain types of software are more open to attacks.
Are there redundancies with the existing tools that are in place?
How can protection be strengthened through employee training?
What are the critical ingress and egress points to be protected?
Are company policies on information access and retention clearly developed and communicated?
Can a consolidation of existing tool vendors help reduce complexity, training and budget?
Are any of the security tools themselves vulnerable to attack?
A Prison Within a Fortress
A prison is designed to keep people in a confined area. No one is allowed to leave without proper authorisation. Gates and checkpoints must be cleared prior to leaving the prison walls.
A fortress is designed to keep people out of an area. Walls and moats surround the protected area. No one is allowed in without proper credentials. This must be the foundation of a strong security architecture. Impenetrable walls keeping bad actors out and strong perimeter protection keeping valuable information from leaving without authorization.
Both fortifications must be immune to attack or deception. However, even the tallest, thickest walls are sometimes breached. What would happen, though, if the walls were invisible. Attackers would not have a target if they could not see the walls they intend to breach.
INVIKTUS
Network Critical, a global innovator in network security and visibility has developed a new solution that is foundational to a strong security architecture. It is called INVIKTUS. Unconquerable. Having no MAC address or IP address INVIKTUS is invisible to the network, therefore, unhackable. Even the smartest bad actor cannot hack what they cannot see.
While external protection is important, many network breaches are the result of human error or internal resources being compromised. INVIKTUS goes beyond perimeter security, which only focuses on external threats. INVIKTUS Zero-Trust keeps networks secure from internal as well as external threats.
Zero-Trust approach assumes that internal sources are unsafe and enforces multi-layered policies that apply the same controls to internal and external sources. This ensures any attempt to access network services will face the same audit controls regardless of their source. For more detailed information on Zero-Trust technology see our white paper at: Zero Trust Security
INVIKTUS is simple to set up and deploy with our unique Drag n Vu graphical interface. Set it and forget it.
A prison within a fortress with invisible walls. Protect your network infrastructure and information from internal and external threats with INVIKTUS. For more information or a design consultation go to: Support
