Mitigating common network management security issues

While technology is key to securing networks, it’s integral that businesses have the right network management policies and procedures in place to avoid falling victim to cyber-attacks.

In an age of increasingly sophisticated cyber-attacks, a compromise of your corporate network can be game over. Yet many firms forget the basics when managing networks, failing to follow foundational security steps as they struggle to protect themselves against today’s complex cyber-threats.

Human missteps can be fatal, leading to configuration errors and other mistakes which can allow bad actors to access the company network. Technology such as firewalls and security monitoring are key to securing networks, but it’s integral that businesses have the right policies and procedures in place to avoid potentially damaging cyber-attacks.


Configuration errors and poor patch management are common network management security mistakes, says Chris Dimitriadis, chief global strategy officer at cyber security professional association ISACA. “Misconfigured or unpatched network devices can be the weak link that breaks defences, even in the most sophisticated security architectures.”

One of the biggest issues in network management is a lack of segmentation, says James Pickard, head of security testing at IT Governance. “Often when plugging into a company’s network as an unauthorised user, I can easily access the majority of services and systems and traverse through the network.”

Another issue is that when managing networks, businesses tend to focus on maintaining access and uptime for services, rather than on reducing risk, says Oliver Pinson-Roxburgh, CEO of Defense.com. This can lead to “dangerous misconfigurations”, which attackers can take advantage of via brute force, he warns.

Meanwhile, unpatched security holes can be exploited to gain access, Pinson-Roxburgh says. “Critical infrastructure can be disrupted and access could be leveraged for ransomware attacks in many cases.”


Mitigating issues

It’s easy to get bogged down, but a few small steps can help to mitigate common network management security issues. For example, security problems arising from misconfiguration are largely down to the person using the technology, rather than the tool itself, says Lewis West, head of cyber security at specialist recruitment firm Hamilton Barnes.

He says automation can help by applying fixes that rectify issues or mistakes, reducing human involvement and therefore the chance of error. “Human users will have policies and procedures to follow, but they also have a mind of their own. Machines – unable to think for themselves or move outside of set rules – do not pose the same threat.”


Dimitriadis recommends more “holistic approaches” to cyber resilience and upskilling to ensure firms don’t fall foul of common network security mistakes. “More holistic approaches need to combine technology, people, process and organisation parameters and their interactions within a digital ecosystem.”

For example, says Dimitriadis, a new digital transformation project or upgrade in an existing ecosystem must be addressed from all aspects to ensure the change is bulletproof. “This must be done not just from a change management perspective, but also using a cyber security approach, including an IT audit and taking into account risk management, linking technology and the business.”

Zero trust

The most advanced form of network segmentation encourages every asset to be in its own segment, an approach known as “zero trust”. However, when not done precisely, zero trust can affect functionality by “keeping legitimate users and applications from communicating if they need to”, says Gary Kinghorn, senior director at Nozomi Networks.

Taking this into account, Pickard advises splitting users into different groups such as IT, HR and sales and applying access controls and policies. “This will limit what an attacker can access if the network or machine is compromised and help prevent the spread of malware.”

Network management

Overall, technology combined with a strong strategy can help mitigate the risk. Solutions such as two-factor authentication are key to network security, says Pinson-Roxburgh. “Building an air gap is a useful method to limit external access to systems used by high privilege users,” he adds.

At the very least, he says, firms should separate administrators’ accounts from their everyday user accounts. “Businesses could also consider limiting the times when administrators are allowed access to the systems.”

At the same time, VPNs are “efficient and effective” at ensuring that remote access to systems is encrypted and can be restricted from general internet access, Pinson-Roxburgh advises. “This is a useful piece of technology which is relatively cheap and very helpful.”


There are also some foundational steps to be taken into account when securing networks. Crucially, organisations need to ensure they are on top of software updates and asset management, says Richard Beeston, director of solutions and strategy at Daisy Corporate Services. “It is important that asset registers, configuration management databases and software on the devices that make up the networks are fully up to date.”

More broadly, organisations need to ensure they have full visibility and monitoring capabilities, deploying tooling to work across different technologies and locations, says Beeston. In addition, he says, vulnerability management is “essential”. “It allows IT teams to identify vulnerable devices on the network, so they can patch, isolate or remove them and maintain network integrity.”

Another useful and available resource for IT teams is the UK’s National Cyber Security Centre (NCSC), as well as vendor vulnerability notifications. “This will help ensure companies are fully up to date on newly found threats and vulnerabilities,” Beeston adds.

To ensure your business is futureproof, it’s also important to keep on top of the latest technology developments and the risks they pose. Technologies such as robotics and augmented reality applications are changing the types of devices and assets connected to a network, making it integral that infrastructure and overall security posture are “constantly evaluated and optimised”, says Markus Nispel, CTO EMEA, Extreme Networks.

After all, threats are becoming more sophisticated, with attackers constantly seeking out the easiest and quickest paths to success, says Dimitriadis. “In the future, we should expect new, currently unheard-of threats that involve emerging technologies such as 5G and artificial intelligence.”

Taking this into account, businesses should also pay extra attention across their entire network supply chain.

“As the cyber threat landscape evolves, there is one rule that applies to all: simplicity is key,” Dimitriadis says. “A simple and standardised network makes managing cyber security threats and issues much easier.”
