Page 43 - Cyber Warnings
Network Security in 2016: Let’s be Prepared
By Narendran Vaideeswaran, Product Marketing Manager, SolarWinds
There will be an estimated one million cybersecurity job openings in 2016, according to a recent
report from Cisco. This is good news for both seasoned IT security experts and up-and-coming
network and security professionals. It also shows that more companies are planning to take
network security seriously in 2016. And it’s for good reason: according to Kroll’s data security
statistics, today’s average cost of a data breach is $5.9 million.
But this raises the question: What exactly can you do to help ensure your organization’s
networks, other critical infrastructure and potentially sensitive data stay safe this year and
beyond? Here are ten tips and considerations that answer that question, whether you’re a
seasoned IT security pro or aspiring to become one.
Prepare the security framework
What does your current security framework look like? If you don’t have one, start with a
comprehensive audit of the available inventory, including your network’s user accounts, types of
transactions (public/internal), sensitivity of the data being handled, account
roles/responsibilities, BYOD policies and change management policies. And remember, IT
security is not necessarily achieved by just one person, machine or policy. The management
process depends on a multitude of factors, starting with people, processes and data and only
ending with technology, all designed and working together to accomplish the broader goal.
Naturally, this framework will be continuously evolving.
Automate threat detection and response
Users, devices and applications generate a large number of network connections, data
transactions and application requests. Manually detecting threats in this cacophony is nearly
impossible considering how sophisticated hackers and malware have become. Centralizing
syslogs and events from network devices, servers, applications, databases and users via
security information and event management (SIEM) software is a must. Such a tool can
automate threat detection and provide corrective responses to mitigate risk. It’s just one tool that
should be a part of your defense-in-depth armory; others include anti-malware, firewalls
(including firewall management), intrusion prevention and threat intelligence (more on this to
come).
Implement data-driven analysis
It’s possible to detect suspicious network activity if you have access to real-time network data
showing there’s an increase in Web traffic activity on a critical router or firewall, or suspicious
43 Cyber Warnings E-Magazine – March 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide