CIO Strategies for Comprehensive Network Security – Part 1

The prevalence of network attacks on today’s enterprises has CIOs and CISOs researching a wide variety of ways to mitigate security risk. Well-publicized security tools such as Security Information and Event Management (SIEMs) and Data Loss Prevention (DLP) solutions can be beneficial, but don’t forget about the foundational building blocks of your network security. It’s vital to ensure that your organization’s network is designed to keep customer and company data secure.

In the first of this two-part blog series, let’s explore the elements that help create a strategy CIOs can use to build a layered, comprehensive approach to network security for their organizations.

Parallel Networking

Network segmentation is a main ingredient in your network architecture. The best-case scenario is to prevent intruders from reaching your company’s most valuable data, such as Point-of-Sale (POS) systems, in the first place. But traditional network segmentation is no longer the best strategy to protect this critical data.

Many high-profile data breaches in recent years were pivot attacks, where hackers breached an easily accessible part of the network, then moved from there into an area where sensitive data was stored. If you currently have applications processing critical data, like POS or patient records, traditionally segmented on the same network as non-critical data, such as digital signage or the HVAC system, consider isolating these applications onto their own Parallel or “air-gapped” networks. This strategy keeps critical applications holding sensitive data physically separated from noncritical applications to help mitigate the risks of pivot attacks.  

Threat Detection, not Just Intrusion Prevention

Perhaps the most pressing need in network security is better detection. Most organizations focus on intrusion prevention but often bad actors access enterprise networks and are in the network for months before being detected. Consider the large network breaches that have recently been in the news. One thing stands out—the intrusions were first reported by fraud systems, not by the companies that were breached.

While it may have been said too many times, it’s not a question of if your network will be threatened, but when. Because of this, many companies are working to develop an environment in which network attacks can be detected and responded to as quickly as possible.

Proactive efforts such as penetration testing are highly beneficial, but only if there’s follow-up. If you’re not ready to mitigate the breaches, what good is it to look for them? It’s not enough to know your network has vulnerabilities. You have to dedicate the resources to fix what is broken. Threat detection needs to be top of mind for CIOs when planning or revamping a network security strategy.

Quick Response & Employee Education

A valuable component of network security in the enterprise is quick, easy access to your company’s security team and continued employee education. Many branch locations don’t employ onsite IT professionals; and employees at these sites don’t usually receive extensive IT training. Providing basic knowledge of how to recognize phishing emails and malicious documents can help, especially when you provide easy access to the security team. The more swiftly a team member can notify the IT team at headquarters about inappropriate activity, the faster an attack can be thwarted before causing significant problems.

Read more from Ryan Allphin next week with Part 2 “Battle Network Security Threats with Preventative Practices and Education”.