I’ve talked about the need to consider your network as the key to improving cyber defenses. Here’s why.
Today’s attacks are “system-level”, supplanting specific server or host exploitations. Cybercriminals today develop sophisticated attack strategies by:
- Finding PATHWAYS INTO the network through phishing emails, third parties, or other creative ways.
- MOVING MALWARE AROUND the network while masquerading as legitimate traffic.
- Identifying legitimate PATHWAYS OUT.
- Exfiltrating company assets through these pathways.
Notice this is all about TRAFFIC and PATHWAYS, and who knows the most about these? Your network team.
They know your network and why it is built the way it is. What is their priority? Performance and uptime. They have a wealth of tools that already help them manage to these priorities. So if a security solution gave them additional knowledge about their network that helped manage performance and uptime, they would likely embrace and use it. Although they are now working with firewalls and other security devices by necessity, they still focus on performance. They’ve segmented the network for management and performance reasons, but are now expected to further segment for security.
And they care about one other thing: Access. Access to data and applications by their end users.
Access? Pathways? This is EXACTLY what attackers are exploiting.
So your best bet to combat cybercrime? Bring in the experts who know about access in your network, and leverage their knowledge and experience.