As much as we rely on firewalls to protect enterprise assets, information security is not just about creating that impenetrable outer shell. It’s also about looking at all of your IT risks across the board. From internal systems, out to the cloud, and everything in between, there’s a myriad of security risks that you have to consider beyond what your traditional firewall is doing at the perimeter and in between network segments.
In my work as a security consultant, here are the top 9 risks, all unrelated to firewalls, that I regularly see:
Certainly, firewalls can help prevent the outcomes when these vulnerabilities are exploited (i.e., denial of service attacks brought about by malware infections and missing patches, high bandwidth usage related to SQL injection database dumps, and the like), but that’s on the reactive side of security, and that’s not where you want to be.
Step back and take a look at your overall network environment. While there are likely going to be literally thousands of potential risks, it won’t take long to uncover the big ones that impact your business the most. Every organization will have a different set of issues and will have to deal with (or accept) them on its own terms. Risk tolerance is everything, but make sure you have good information to base your security decisions on.
Security risks are everywhere. How do you handle them beyond your traditional firewall controls? Odds are you’re not as prepared as you think you are.