So we’re past the predictions and trends that come with the holiday season and now that it’s the beginning of the year, it’s time to make our resolutions. Here are my top 5 network security resolutions for 2013, which combine advances or changes in technology, methodology and company culture:
5. Ensure devices and systems are properly configured: Implementing the right security tools and policies are certainly important when it comes to defending your network, but if your devices are out of date, missing critical patches or improperly configured, your network may be exposed. You could have the tightest firewall rules and a “locked down” network, but if a router is running an old operating system that has known flaws, you have a security gap that can be exploited. Gartner has stated that most firewall breaches are due to misconfiguration, not from flaws with the firewall itself. It’s not sexy, but proper configuration is huge (and it’s listed twice among the top 20 critical controls identified by SANS – for endpoints and network devices).
4. Break down organizational silos and work with your IT counterparts: Oftentimes, ineffective security is a symptom of a cultural issue. Both IT Security and IT Operations teams are strained with managing, supporting and securing increasingly complex network environments, often clamoring for more resources to get the job done. As more work piles up, each department hunkers down and focuses primarily on their specific roles and responsibilities. The silos expand across other key stakeholders as well when you consider business applications – complex connectivity requirements also involve multiple parties, such as application owners and firewall administrators. Organizations should consider a culture change that involves breaking down the invisible walls that typically prevent these different stakeholders from effectively communicating with each other – to improve security without impeding productivity.
3. Automate more processes: If you’ve addressed the previous two “resolutions”, then automation can really amp up your security and operations. In the State of Network Security 2012 survey, more than half of the respondents cited time-consuming, manual and error-prone processes (including poor change management) as the greatest challenges of managing network security devices. Manually discovering all of the firewalls and rules impacted by a potential change, as well as understanding any potential change in risk or compliance levels, is time-consuming, tedious and prone to mistakes. Automation can be used to ensure accuracy, reduce risk and significantly reduce the time to process changes – and ultimately allow IT to more quickly respond to changing business requirements.
2. Reduce network security complexity: In our Dangers of Network Security Complexity survey, we found that more than 50 percent of respondents reported a security breach, system outage, or both, due to complex policies. The report highlighted that nearly 94 percent of organizations have deployed multi-vendor environments and nearly 75 percent of organizations manually manage network security, despite the popular belief from roughly half of the respondents that consolidation would simplify management. This is an area where maybe less is greater than more.
and for the top security resolution of 2013…. drum roll please….
1. Rethink network security! What do I mean by this? Well, when planning our defense it is the norm to develop a plan based on a clean network. But in today’s age of stealth malware, targeted attacks and a more open network, this is a faulty assumption. Rethinking network security means you start with a different assumption… assume you have already been hacked. Now it’s time to re-plan your defense.
This is obviously a shortlist of security resolutions, but I’d love to hear others that you think are worthy of being a top priority for 2013. Thanks and happy new year!
Receive notifications of new posts by email.