October is National Cyber Security Awareness Month. Organized by the Department of Homeland Security, it is an annual campaign to raise awareness about cybersecurity. Every week throughout the month the campaign showcases a different theme to help individuals and organizations stay safe online. The theme for this, the first week, is: ‘Every Day Steps Towards Online Safety with Stop.Think.Connect.™’
Staying safe online is, of course, at the core of AlgoSec’s business and each week we post blogs that aim to help IT professionals keep their businesses secure while remaining agile and compliant. In support of Cyber Security Awareness Month, we’ve taken a look back through our blog posts from the past year to provide our own ‘Every Day Steps Towards Online Safety’.
Back to network security basics
First, let’s consider some basic network security housekeeping. Ensuring that your devices are up-to-date with the latest patches and protocols, and that your network is properly structured and segmented can have a huge impact on your overall security and compliance posture.
One example is SSL and TLS protocols. To comply with the latest version of PCI DSS, you must stop using SSL altogether and upgrade to a new version of TLS. In addition to your websites and internet-facing applications, remember that SSL and TLS protocols may well be installed on many networked devices that are not quite so obvious, such as wireless printers and point of sale devices. As such, comprehensive network visibility and complete knowledge of which devices on your network have in-built web servers is critical.
It is also important to remember that today, all organizations are connected to a complex cyber-web, and that your organization’s security also depends on the security of the networks it connects to. We blogged about the findings of Project Sonar, a massive scanning operation that identified millions of open ports across the internet, any one of which might provide a route into an organization for cybercriminals. As we pointed out, ‘big or small, we’re all connected’, so you need to close off all unnecessary open ports and segment your network to reduce risk.
Similarly, the unstoppable rise of the Internet of Things (IoT) means that there are far more interconnected devices on your corporate network than ever before – many of which don’t have the sophisticated security functionality that’s needed to protect your organization – making them an ideal attack vector for cyber criminals. While IoT manufacturers scramble to catch up with the IT security industry, it is vital for your facilities managers to work closely with your security managers, to review and update the standard security measures in any IoT connected devices and make sure they are segmented from key business data.
We also wrote a series of blogs on Advanced Persistent Threats (APTs), and how Reducing your Attack Surface can vastly reduce the risk of a successful cyber-attack. By defining and segmenting your network into internal zones, and placing firewalls to filter traffic between those zones, you can create a network architecture over which you have tight visibility and control, and that minimizes the ability of cyber criminals to move laterally across your network and access key business data.
The importance of firewalls and effective management
This takes us to the topic of firewalls. As Mark Twain said, “The reports of my death are greatly exaggerated.” Far from being obsolete, in this blog we explained why firewalls are more relevant to security today than ever before, especially when used in conjunction with intelligent network structuring and segmentation, as outlined in so many of our blogs.
Furthermore, organizations that operate internationally must deal with the specific challenges of managing firewalls across global networks. In this post we explained why it’s critical to select the best time to make firewall policy rule changes across multiple time zones. Another important aspect to consider is the multiple jurisdictions that international networks operate across; international firewall management also requires understanding the complexities of multiple different data protection regimes.
In today’s era of digital transformation, companies also need to manage firewalls in the cloud, alongside their traditional on-premise firewalls. In this post we discussed the pros and cons of host-based vs. network-based firewalls. Host-based firewalls are more flexible but easier to circumvent, while network-based firewalls offer a stronger defensive barrier, but must be coupled – once again – with intelligent network segmentation in order to provide the necessary protection.
In light of frequent DDoS attacks, we provided some tips about the best way to tackle them, explaining that the first step is being able to quickly detect that you are under attack, and having a procedure already in place to deal with it. In addition to asking for assistance from your ISP and using anti-DDoS technologies, the post included some recommendations such as ISP blocking and scrubbing, black-holing traffic or filtering non-critical protocols, blocking invalid IP addresses and shutting off access to specific high-risk segments of your network in the event of an attack.
Don’t forget the people
Finally, basic principles of information security need to consider one of the most critical elements of your security posture – your people. Human error, insider threats or simply a lack of available cybersecurity skills are all huge potential risks. On the human error side, organizations need to be aware that the vast majority of firewall breaches are caused by misconfigurations, not flaws, and a single tiny typo can jeopardize the integrity of your entire network. On the skills side, nearly half of organizations claim that they have a ‘problematic shortage’ of cybersecurity skills. Both of these problems can be dealt with by implementing greater automation of security policies. This drastically reduces the risk of basic manual errors, and allows highly skilled engineers to spend their valuable time on strategic initiatives rather than on manual, ‘keeping the lights on’ tasks.
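To illustrate how an automated check catches the kind of typo described above, here is an added example (not AlgoSec code or product behavior) that lints a proposed rule change against a zone map before it is deployed. The zone names, address ranges and rule format are all constructed assumptions.

```python
import ipaddress

# Constructed zone map (assumption): zone name -> address range of that segment.
ZONES = {
    "pos": ipaddress.ip_network("10.20.0.0/24"),
    "iot": ipaddress.ip_network("10.30.0.0/24"),
    "business_data": ipaddress.ip_network("10.40.5.0/28"),
}

# Constructed change request. Rule 3 drops one digit from the prefix length
# (/8 instead of /28); rule 4 is syntactically valid but spans every zone.
PROPOSED_RULES = [
    {"id": 1, "action": "allow", "src": "10.20.0.0/24", "dst": "10.40.5.0/28", "port": "1433"},
    {"id": 2, "action": "allow", "src": "10.30.0.0/24", "dst": "any", "port": "443"},
    {"id": 3, "action": "allow", "src": "10.20.0.0/24", "dst": "10.40.5.0/8", "port": "1433"},
    {"id": 4, "action": "allow", "src": "10.0.0.0/8", "dst": "10.40.5.0/28", "port": "any"},
    {"id": 5, "action": "deny", "src": "any", "dst": "10.30.0.0/24", "port": "any"},
]

def check_endpoint(field, value):
    """Return findings for one source or destination field of an allow rule."""
    if value == "any":
        return [f"{field} is 'any'"]
    try:
        # strict=True rejects addresses with host bits set, which is what a
        # mistyped prefix length usually produces (10.40.5.0/8).
        net = ipaddress.ip_network(value, strict=True)
    except ValueError:
        return [f"{field} {value} is not a valid network (check the prefix length)"]
    if not any(net.subnet_of(zone) for zone in ZONES.values()):
        return [f"{field} {value} is not contained in a single defined zone"]
    return []

def lint_rules(rules):
    """Map rule id -> findings, for allow rules that are broader than a zone."""
    report = {}
    for rule in rules:
        if rule["action"] != "allow":
            continue  # only allow rules can widen access
        findings = check_endpoint("src", rule["src"]) + check_endpoint("dst", rule["dst"])
        if rule["port"] == "any":
            findings.append("port is 'any'")
        if findings:
            report[rule["id"]] = findings
    return report

if __name__ == "__main__":
    for rule_id, findings in lint_rules(PROPOSED_RULES).items():
        print(f"rule {rule_id}: " + "; ".join(findings))
```

Rule 1 passes because both endpoints sit inside a defined zone; rules 2, 3 and 4 are held back for review before they reach a firewall.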
Cyber Security Awareness Month is a timely way to remind ourselves of some of the basic network security best practices and ‘every day steps’ to help protect our organizations against cyber-attacks and keep them safe. Check out our blog for many more tips and best practices from leading security experts.