Network Security In The Digital Transformation Era
Network security has, for decades, remained one of the more focal aspects of IT management strategies. It consists of the policies and practices that businesses implement to protect their computer networks from cyber attacks. Such strategies are responsible for stopping people from accessing and modifying networks without the permission of system administrators.
Most cyber security professionals agree that every business needs some form of network protection system in place, or they risk falling victim to cyber attacks.
It is also widely believed that these are the most effective protections against malware. Often, IT managers use network security procedures to control who can see and use company data. Usually, employees will need an ID and password combination to be able to get into company networks.
Traditionally, there have been two types of network security: public and private. Normally, private networks are reserved for use by employees within the company walls.
Meanwhile, others are designed for public use. Whatever the case, public and private security systems serve the same purpose – and that is to secure business networks. However, much of this technology has remained the same for years.
Cyber security threats are constantly growing in complexity and volume, and business networks continue to be lucrative targets for hackers. So companies need to have the most effective network security strategies in place to counter sophisticated attacks.
With the emergence of powerful detection and response capabilities, companies should be rethinking their network safeguards to change with the times and counter the ever-evolving attacks used by cyber criminals.
In light of this changing threat landscape and businesses’ pursuit of digital transformation, we explore what CIOs are doing to protect their networks.
The rise of cloud
Businesses are increasingly investing in cloud computing technologies, and network security strategies are evolving greatly as a result. Neil Thacker, European chief information security officer of US security software firm Netskope, believes that organisations cannot simply focus on protections for physical networks.
“As infrastructure and applications move to the cloud, the focus on network security moves to the cloud too. As a CISO, my role is to mitigate the risk, which results in ultimately following the data – how we connect, interact and collaborate with data relies less today on physical networks and more on client to cloud services,” he says.
Thacker is developing a more tailored cyber security strategy that is specific to today’s threats. Instead of trying to cover all areas, he is focusing on the layers that affect his company’s cloud infrastructure.
“The traditional seven-layer OSI model has therefore been replaced with three layers: identity, application and data. In summary, organisations must have better visibility into these three layers without necessarily prohibiting the use of services that businesses rely on,” he says.
“Cloud is not just the future, it’s how businesses work in the present day. Therefore, the security of these services and the data that resides in them must form part of a CISO’s principal strategy,” he adds.
Corey Nachreiner, CTO of cyber security firm WatchGuard Technologies, agrees with Thacker that strategies are changing as a result of cloud, virtualisation and mobile computing technologies. However, he believes that network protections will constantly be crucial for businesses.
“Independent of its evolution, network security is and will always be relevant and necessary. While our network designs and perimeters are changing due to the cloud, virtualisation and mobility, the network is still there and its protection will always be critical,” he says.
Nachreiner believes that, as an area, network security is always evolving to keep pace with new technologies and threats. He says it helps to “reinforce detection and response” considerations.
“Historically, IT organisations have focused more on preventing threats and less on discovering ones that got through their defences. With huge breaches proving that no defence is infallible, we are seeing more organisations shift some budgetary focus to detection and response,” he says.
“The problem is neither the endpoint nor the network can always catch all the stages of an attack. For instance, fileless malware often evades traditional endpoint protection. Meanwhile, some network attacks use techniques to bypass certain network protection measures.
“The best detection and response solutions actually correlate suspicious network events with suspicious endpoint events to find malware or threats in your network that you couldn’t find otherwise.”
Scott Crawford, an analyst at 451 Research, says network security “remains primary” in any truly comprehensive security strategy: “Network security provides the visibility into network traffic and content organisations need to be aware of threats or activity that could cause security problems.
“It can be examined at a high level for security-relevant trends or – when warranted – inspected in detail for specific indicators of suspicious activity or potential risk.”
However, Crawford admits that the field is evolving. “That is not to say there haven’t been changes in the nature of network security. With the shift of datacentre activity toward cloud concepts, third-party providers have taken on more of the functions traditionally handled in the enterprise datacentre, which has shifted some investment, including that historically allocated to on-premises networking and network security,” he says.
While the definition of networks has changed dramatically over the past few decades, the importance of securing them has remained the same.
Alex Ayers, head of application security at information services firm Wolters Kluwer, says the objectives of network security have stood the test of time. But he admits that it is particularly crucial for companies that develop network infrastructure as a service (IaaS).
Ayers believes that the most modern and effective strategies “balance performance, reliability, scalability, supportability and security”. At Wolters Kluwer, he has implemented a layered approach to stop cyber criminals from infiltrating the company’s systems.
“Perimeter controls restrict the traffic reaching our applications and network segmentation is used to isolate service infrastructure components. Supporting the architectural and technical controls is a security monitoring layer which, while often seen as an insurance policy, provides data that can be used to augment service health and performance indicators,” he says.
Through these different layers, Ayers says his company is able to “deploy, tune and replace discrete specialised technologies in response to changes in threats or business requirements”.
“Corporate network boundaries are a thing of the past. Today, we balance a corporate network, a production network, and a host of SaaS [software-as-a-service] offerings to run our businesses and maintain a competitive advantage,” he adds.
The importance of balance
Collaboration software firm Slack, like many other businesses, relies on a range of traditional network security mechanisms to tackle cyber crime.
Geoff Belknap, chief security officer at the company, says these continue to be effective for the firm, but the company has also had to invest in more modern detection and response technologies in recent years to keep ahead of increasing threats.
“Slack uses a combination of common technologies such as firewalls and network based intrusion detection, as well as modern network and endpoint-based malware detection methods. We monitor all network traffic at the kernel level to gain insight into how our services communicate and to detect potentially malicious traffic,” he says.
Belknap also questions the trustworthiness of every network. This way the company is able to probe for potential security risks. “We are also big believers in the beyondcorp/zero trust school of thought. We don’t assign any trust based on the source network that a given device’s request originates from.
“We treat all our networks as untrusted. Instead we make device identifiers a key component of our security, which allows us to make more accurate decisions about access control and make more informed decisions about suspicious activity,” he adds.
Julie Cullivan, chief information security of network security company ForeScout, says companies need to develop a deeper understanding of existing and emerging security risks. “An important first step in securing an enterprise network is understanding the cyber threat landscape and the challenges IT teams are facing,” she says.
“At a time where devices making up the internet of things become increasingly prevalent in industrial settings, enterprise security teams often struggle to see how many devices are connected to their network.”
Like Belknap, Cullivan believes that companies should take comprehensive network security approaches, adding: “Implementing a model that includes understanding any time new devices and new types of devices join a network is essential for managing your security risk posture.
“Factory passwords should always be changed, endpoint access to networks should be managed and in some cases restricted, and devices should always run the latest software and security updates. While some of these might sound trivial, cyber criminals will always try to identify and exploit the weakest link in a network,” she says.
Fending off attacks
Hervé Dhelin, senior vice-president of strategy at networking firm EfficientIP, describes network security as a “make or break scenario” for companies. He says it can help them identify and respond to new threats, even if the source is untraceable.
“Having the right tools to launch the appropriate countermeasure is crucial. The recent example of the cyber attack of the Winter Olympics shows how important it is to have network security in place to be prepared to mitigate a large volume of possible attacks,” he says.
Specialising in domain name system (DNS) and cloud protection, EfficientIP works with companies such as Netflix, eBay, Orange, the London Stock Exchange and Vodafone. But it has also been helping large universities, hospitals and sporting events to ensure that their networks are unbreakable.
Roland Garros (the French Open) is another high-profile client of the company. It is using network security products from the firm to protect tens of thousands of sports fans from falling victim to breaches.
“Roland Garros needed to protect its network to ensure continuity of service for the 15,000 seats that may need to access the network,” says Dhelin.
“The French Federation of Tennis understood the importance of having the right tools to mitigate threats that might damage their business, and consequently installed DDoS [distributed denial of service] mitigation to absorb any large volumetric attacks, which could easily be executed thanks to the sheer number of unsecured user devices on stadium premises.
“Even if the FFT is not able to locate the direct source of the attack, they will always be able to ensure their customers – in this case, spectators, journalists, VIPs, and even players – uninterrupted service.”
Franck Labat, IT technical director of the French Tennis Federation, says network security defences are an integral part of the organisation’s cyber security blueprint. With them, the federation can keep its stakeholders safe.
“During a tournament, billions of DNS requests must be solved: more than 3,000 journalists, photographs, VIPs, players and trainers use our network services. We are now capable of avoiding any interruption of service to ensure a high level of availability. The quality of these services is vital to the tournament’s reputation,” he says.
Considering how long network security has been around, it is quite common for people to view it as an archaic part of cyber security strategies. But the fact is that networks play an important role in any private or public organisation, so it is crucial to have appropriate defences in place to ensure that hackers cannot bring them down.
That said, there is a clear sense among companies and IT professionals that network security must continue to change with the times. Cyber threats are becoming harder to trace and tackle – meaning that network security technologies and strategies need to be just as sophisticated.
Sparkle, Positive Technologies Roll Out Signalling Protection Service
Sparkle, the international services arm of the Telecom Italia Group, has joined forces with Positive Technologies to launch a suite of security services designed specifically for signalling connectivity. The Sparkle Signalling Protection Suite is an all-in-one package that protects the signalling network of mobile operators by detecting and blocking unauthorised traffic and preventing potential privacy issues, operational instability and revenue losses, said the company.
The offering gives customers a set of advanced security services such as vulnerability testing, best practice compliance assessment, signalling firewall and security monitoring for real time detection of anomalous activities, added the partners.
Demisto’s SOAR Platform Honored By Info Security Guide
Demisto’s SOAR Platform Named Most Innovative Security Software Product of 2018 — Company’s Security Orchestration, Automation and Response (SOAR) Solution Named Gold Winner in 14th Annual Info Security Product Guide’s 2018 Global Excellence Awards
CUPERTINO, Calif., March 13, 2018 — Demisto, an innovator in Security Automation and Orchestration and Response technology, today announced that Info Security Products Guide, the industry’s leading information security research and advisory guide, has named its Security Operations Platform as a Gold Winner in the 14th Annual 2018 Info Security PG’s Global Excellence Awards®. Demisto took top honors in the Most Innovative Security Product (Software) of the Year Awards Category for companies with less than 100 employees.
These prestigious global awards recognize cybersecurity and information technology vendors with advanced ground-breaking products, solutions, and services that are helping set the bar higher for others in all areas of security and technologies.
Demisto Enterprise integrates with more than 160 security products and enables organizations to build playbooks for different security operations. By integrating other security products with Demisto, users can orchestrate actions across a suite of products in one window, automate response actions through playbooks, and run live security commands from a collaboration interface to remediate threats. All of which can reduce mean time to response (MTTR) for security incidents and maximize ROI for the user company’s entire security product investment. In addition, the case management and machine learning capabilities help security teams save resources and time while enforcing rigor and process to incident response. Demisto helps future-proof security operation centers (SOCs).
“We are pleased to be recognized as having the industry’s most innovative security software product of the year by Info Security Products Guide,” said Rishi Bhargava, Demisto co-founder and VP of Marketing. “Our most recent security orchestration, automation and response (SOAR) innovations enable SOC analysts to better understand the metrics and trends of collected incident data from their networks to most effectively respond to potential security issues. The industry turns to Demisto, including a number of Fortune 500 companies, to address not only the latest attacks threatening their organizations, but also the industry shortage of skilled incident response personnel.”
Demisto’s solution has seen world-wide traction by helping SOC teams reduce the number of alerts requiring human review by as much as 95 percent. It also solves the ever-growing problem of product fatigue — where analysts need to learn more and more products to mitigate threats throughout their infrastructure. By working in a platform that integrates with all major security products such as SIEM, network, threat hunting, and end-point, it provides a comprehensive view into incident response.
About Info Security PG’s Global Excellence Awards
Info Security Products Guide sponsors the Global Excellence Awards and plays a vital role in keeping end users informed of the choices they can make when it comes to protecting their digital resources and assets. It is written expressly for those who are adamant about staying informed of security threats and the preventive measures they can take. Readers will discover a wealth of information in this guide including tomorrow’s technology today, best deployment scenarios, people and technologies shaping cyber security, and industry predictions and directions that help in making the most pertinent security decisions. Visit www.infosecurityproductsguide.com for the complete list of winners.
Demisto Enterprise is the first and only comprehensive Security Operations Platform to combine security orchestration, incident management, machine learning from analyst activities, and interactive investigation. Demisto’s orchestration engine automates security product tasks and weaves in the human analyst tasks and workflows. Demisto enables security teams to reduce mean time to response (MTTR), create a consistent incident management process, and increase analyst productivity. Demisto is backed by Accel and other prominent investors and has offices in Silicon Valley and Tel Aviv. For more information, visit www.demisto.com or email email@example.com.