Skip to main content

There is No Silver Bullet for Cyber Security but Unified Defense is Best Approach

By: ‎Mohammad Jamal Tabbara, Senior Systems Engineer – UAE & Channel at Infoblox
Enterprises of all sizes are falling victim to very determined malicious actors whose motivations range from financial gain to government sponsored campaigns. The threats are not limited to commercial enterprises but have significant impact on civilian and non-civilian government agencies.
The nature of what organization must address has changed dramatically over the past decade. The threat surface has expanded significantly, the nature of the threats is evolving at an unprecedented rate and the complexity of what makes up an organization has grown. Organizations have migrated from having a tightly controlled network with endpoints and devices provided by the company, to one where the very definition of an endpoint and device is changing, driven by the proliferation of the Internet of Things (IoT), organizational policies to allow employees bring their own devices on the network (BYOD) and the adoption of private and public cloud deployments. The definition of a network has changed too, it is no longer a walled garden but an amorphous structure where users can access organizational resources from anywhere, anytime, and from almost any device.
To counter these factors, organizations have started implementing solutions to address security. However, this might be a disappointment to several of you, but reflects reality. There is no silver bullet! - no single solution that can address all security issues. A “defence in depth” approach did not come about by accident but is based on the determination that while you might need a thousand solutions in your network, you need solutions that address different aspects of security.
You are not alone. Your networks have changed significantly and you have multiple solutions. That establishes a baseline. The question is what can organizations do differently to be better prepared. Here are some suggested best practices.

Introspection 

This means understanding your capabilities and risks. Just understanding the impact of being breached in terms of cost, downtime and reputation of the brand will help you prioritize what actions to take.

Get visibility 

Develop a clear picture of the key assets you have, where they are located, who has access to them, identify the most critical assets. In the digital age, data is king so knowing which devices have access to your data is key. Note that data is not just the domain of the large enterprise, but a reality for every size and type of organization. This assessment will lead to you the determination of what makes up your organization. 

Examine your architecture

With the proliferation of IoT, adoption of BYOD, growth in use of virtualized environments, and adoption of public and private cloud infrastructures – all require that you step back and examine how you architected your core network. Focus on the outcomes you desire while you examine the architecture – is your network architected to maximize availability and ensure continuity even if it is under attack, have you secured your data paths to make sure you are protecting every known avenue that can be used to steal that data, does your protection extend to the physical and virtual elements in your network.

Do a process inventory 

Technology is a key element to addressing security challenges, but technology is part of the solution. People and processes play an equally important role in maintaining a robust security posture. Developing an understanding of how sensitive information is handled, who has access to sensitive information, your internal policies on how you treat sensitive data, policy enforcement mechanisms and ongoing training of personnel handling sensitive data must be part of the overall solution.

Start by addressing the basics 

Often organizations invest in the latest and greatest technology and buzz word driven solutions. Sometimes there is a perceived correlation between “high end solution” and impact. But there is a difference between perception and reality. Organizations must start with the basics.

Institute best practices 

Like I said above, people and process are a critical component of addressing your security posture. Make sure you have instituted best practices around passwords, patching your systems with the latest updates and keeping up to date with your hardware and software.

Address the core of your network 

Organizations that have adopted a defense in depth approach have done so for several critical applications like e-mail, web traffic and endpoints. Often, they ignore the core of their network –the basic systems that allow access to applications and services on their network. In other words, core elements like DNS, DHCP and IP address management, often referred to as DDI.

Get help 

Too often organizations rely on internal expertise, but budget constraints and the availability of trained security experts constrain their ability to have the extensive coverage they need. Help comes in many forms, technology and external expertise. Augmenting the team’s skill sets with the latest development in technology that allows automation and leverages machine learning to drive better insight into threats is key. Relying on security expertise from organizations that specialize in security is often underutilized.

Unify your approach 

Make sure that all the elements of your defense in depth approach work in unison. This means that when one system sees a vulnerability that information should be shared with the other parts of the infrastructure. Whether that information is an indicator of compromise or threat intelligence – the information should be shared. For example, if your DDI infrastructure identifies a new device on the network, that information should be shared with a Vulnerability Scanner so it can scan the device to ensure its integrity. While the information in isolation is useful (a new device on the network) it is becomes actionable and more impactful when it is shared with other parts of your infrastructure. Of course, this requires that the vendors you select have an open approach and have built their products with the ability to share information with other parts of your infrastructure.

Comments

Popular posts from this blog

Cloud Computing powering India’s priority of ‘Digital-first country’

By: Sunil Mahale, India MD and VP, Nutanix
Digital transformation has been recognized as being vital to the growth of our nation. This transformation has enjoyed the unanimous approval and contribution from all stake holders including enterprises, MSMEs, government bodies and citizens. But this level of adoption in a country with a population of over a billion people would need a robust technology base that is capable to collecting and distributing vital data seamlessly.
Digital India envisions creating high speed digital highways, that will impact commerce and create a digital footprint for every individual. Technologies based on mobility, analytics, Internet of things and most importantly, cloud technologies are the building blocks for the digital India missionThere is a growing need to manage huge volumes of data, and making them readily available to public through digital cloud services. Cloud has a pivotal role in enabling this change.
While Data centers have become crucial to th…

RevStart launches its RevItUp Incubation Programme

Underlining its vision of creating a nurturing ecosystem for start-ups to grow in, RevStart, a co-working and incubation centre, has announced the launch of its RevItUp Incubation Programme. The 12-week long programme will be held at RevStart Incubation Centre in Noida from July 1, 2018 onwards. As part of the programme, RevStart will select five high potential start-ups from the ed-tech sector, AI, Consumer Internet, Sustainability, as well as for-profit social impact companies to assist them with developing their business, along with connecting them to global mentors across industries and sectors. In addition, start-ups selected for the programme will receive INR 5 lakh to Rs. 25 lakhs worth of cash and benefits, while RevStart will get an equity stake in the ventures.
The RevItUp Incubation Programme has been created to enhance the founding team’s industry, product, and company building knowledge and capabilities through a world-class curriculum. The programme will focus on tailor…

Insurtech startup Kruzr raises $1.3 Million from Saama Capital and Better Capital

InsurTech startup Kruzr has raised 1.3 Million USD (Rs. 9.5 Cr) for its seed round led by Saama Capital with participation from Better Capital. Kruzr is a preventive motor insurance technology which helps insurance companies personalize policy premiums & improve their risk model by delivering an engaging preventative driving assistant to their customers. Kruzr is founded by Pallav Singh, Ayan, and Jasmeet Singh Sethi.

Kruzr blends the power of voice technology and artificial intelligence in its personal driving assistant that helps drivers minimize mobile distractions, drowsy driving, speeding and external risks like weather and accident-prone zones. In pilots with insurers, Kruzr managed to cut down distracted driving by 80%. Kruzr is working with motor insurance companies in Europe, UK and India to bring its technology to their customers to prevent accidents & improve claims.

“Road accidents cause over 1.3 million deaths globally every year, and motor insurance companies los…