Businesses must measure and understand cybersecurity activity inside their own organisation, advises Novi’s O’Dowd
Nearly a quarter (23%) of Irish organisations have been held to ransom by a hacker, and yet the vast majority (93%) assert they would never pay a ransom. While the obvious security measures such as two factor authentication, end point protection, strong password policies etcetera, have been well documented and duly implemented, cyberthreats continue to evolve and become far more sophisticated and widespread.
Many cyberattacks sit undetected in networks as criminals have invented smarter methods to stay hidden. Organisations that believe they have not been a victim of cyberattack just don’t know about it yet and it is only a matter of time until they become aware of its destructive effects.
Until recently a typical network diagram consisted of a firewall with external untrusted networks shown outside the firewall and internal “trusted networks” and “trusted devices” shown behind the firewall.
Today the approach to network design needs to be very different. Every network and device, including those internal to the organisation, need to be considered “untrusted” and as such treated with suspicion. The evolving threat is forcing organisations to rethink the entire internal structure of their own networks right back to the core in an effort to protect themselves.
Internal Segmentation Firewalling (ISFW) is a more modern approach to localising potential threats as core unified threat management (UTM) scan and inspect internal traffic as it passes from one internal network to another. The goal is to minimise the spread of attacks from compromised devices and protect sensitive company data and mission critical systems.
Traffic from a crypto locker infected device joining the internal wireless network for example would be identified by the core UTM firewall and would not be allowed to spread to server file shares and other mission critical systems.
“Every network and device, including those internal to the organisation, need to be considered untrusted and as such treated with suspicion. The evolving threat is forcing organisations to rethink the entire internal structure of their own networks right back to the core in an effort to protect themselves”
To be effective organisations need to have timely management information to make informed decisions. However, when it comes to IT most businesses KPIs focus on system performance and uptime and dangerously assume that security safeguards are doing their job unless an obvious breach or virus outbreak occurs.
It is essential that businesses measure and understand cybersecurity activity inside their own organisation. Cybersecurity monitoring and internet reporting helps create a vital security benchmark and offer actionable intelligence such as identifying malware infected devices inside the network that would otherwise go unnoticed.
Any security safeguards can only detect the threats they know about, and in the case of targeted attacks which are becoming more and more common especially in the smaller/medium sized companies, they can often lag behind the exploit.
Businesses with extremely sensitive data to protect should also consider advanced threat protection (sandboxing) that works in conjunction with perimeter and core firewalls, all capable of providing the business with essential reports and actionable intelligence.
Novi are Fortinet Gold Partners. Fortinet are world leading security solution specialists. Novi work with organisations to implement modern and proven firewalling, advance threat protection and cybermonitoring and reporting to help businesses protect their data and systems and keep them informed of potential risks leaving them vulnerable to attack.
With 200,000 new pieces of malware identified every day going undetected for an average 210 days prevention is the best cure and businesses can’t afford to ignore the threat that cyber criminals pose to their business.
George O’Dowd is managing director of Novi
Subscribers 0
Fans 0
Followers 0
Followers