After what was a record-setting year of cyber attacks and cyber crime, two of the most common questions I’m answering these days are: 1) “We have a firewall, so my network’s secure, right?” or 2) “You guys are monitoring my network, so it’s secure, right?”
While I’m not going to go into too much detail, let me first state that there’s a HUGE difference between managing a network and securing a network (i.e., monitoring and maintaining a network for performance, stability, and uptime vs. monitoring and securing it from the perspective of potential intrusion activity). These two functions have completely different purposes and, therefore, have different requirements, toolkits, and services delivered.
For this blog post, I’m going to focus on the first essential question: Is my network secure? Falling back on my standard answer to most IT questions — “it depends” — my response to this question would be this: How secure your network is depends on how you define “secure.”
Security — or better still, how secure your network is — is best defined through the scale of “insecure” (let’s say 0) to “fully secure” (let’s say 100). However, it’s important to note that these numbers only represent a sense of your security posture. Furthermore, there really is no way to truly be at 100.
According to an Information Systems Audit and Control Association (ISACA) survey of more than 600 security leaders from around the world, 53% of enterprises experienced more cyber attacks in 2017 than in the previous year; moreover, only 53% said they have formal processes in place to deal with ransomware attacks.
So, keeping this information in mind and getting back to the initial question — "Is my network secure?" — here are a couple of questions to ask yourself (or your IT guy):
- Do you have a business class firewall on your network? And, if so, is it monitored, patched, and kept up to date?
- Do you have an ongoing cybersecurity awareness training program for your end-users in place?
- Do you have dual-factor authentication for your network in place?
- Is your network currently being monitored for security threats and intrusions?
- Is the information on your servers and workstations encrypted?
Each of these questions addresses a different gap in the security picture and, ultimately, different risk tolerances and levels of protection. The purpose of having a firewall in place is to prevent outside intrusions; however, when misconfigured or out of date, it can cause more harm than good. Cybersecurity awareness training aims to help your end-users improve their cybersecurity knowledge, practices, and hygiene. Dual-factor authentication addresses a number of user login vulnerabilities, further tightening your network. Security monitoring provides a lens through which to view and better understand what is happening with attacks and threats at the transport level. And encryption provides that ultimate layer of lockdown.
Each of these components helps individually; together, they are even more beneficial. However, the thing about security is that more protections will almost always be better. A network health assessment helps you take the pulse of your existing network infrastructure to determine its strengths, weaknesses, and any areas of concern.
Revisiting that scale: Where on the scale of 0 to 100 are you comfortable, or where does your business need to be (for example, do you have specific compliance needs)? Cybersecurity is more than just a line in the sand at any given point in time; it’s an ongoing daily process. If you’re wondering how secure your network is, I’d suggest you start with the five items listed above and then ask yourself: How secure do I want my network to be?
At FPA, we’ve been focusing pretty heavily on security and have provided numerous cybersecurity and network health assessments for our clients in that time. Additionally, we’ve developed our managed security services programs, providing these services to clients who are looking to address their specific cybersecurity needs. If you’d like to learn more about these services, feel free to reach out to me directly.
What are your thoughts? And do you have any additional helpful information? Let us know in the comment box below or send me an email if you’d like to chat about this in more detail.