Trends In Application Connectivity & Network Management

Uploaded on 2022-03-16 in TECHNOLOGY--Resilience, FREE TO VIEW

While we optimistically hoped for normality in 2021, organisations continue to deal with the repercussions of the pandemic nearly two years on, creating a dynamic shift in cybersecurity and networking. At the same time, cyber criminals have taken advantage of the distraction by launching ambitious attacks against critical infrastructure. 

What can we expect to see throughout the rest of 2022? Here are my thoughts on some of the most talked about topics in cyber security and network management.
 
Taking An Application-centric Approach

One thing I have been calling attention to for several years now has been the need to focus on applications when dealing with network security. Even when identifying a single connection, you have a very limited view of the “hidden story” behind it, which means you need a clear-cut answer to the following: What is going on with this application? You also need the broader context to understand the intent behind it:

  • Why is the connection there?
  • What purpose does it serve?
  • What applications is it supporting?

These questions are bound to come up in all sorts of use cases. For instance, when auditing the scope of an application, you may ask yourself the following: Is it secure? Is it aligned? Does it have risks? In today’s network organisation chart, application owners need to own the risk of their application; the problem is no longer the domain of the networking team. 
 
Understanding intent can present quite a challenge. This is particularly the case in brownfield situations, where hundreds of applications are running across the environment and historically poor record keeping. Despite the difficulties, it still needs to be done now and in the future.   

Heightening Ransomware Preparedness

We’ve continued to witness more ransomware attacks running rampant in organisations across the board, wreaking havoc on their security networks. Technology, food production and critical infrastructure firms were hit with nearly $320 million of ransom attacks in 2021, including the largest publicly known demand to date. Bad actors behind the attacks are making millions, while businesses struggle to recover from a breach. It is safe to expect that a curbing of this trend is unlikely to occur and begs the question of “how does your organisation prepare for this eventuality” 
 
Preparation is crucial, but antivirus software will only get you so far. Once an attacker has infiltrated the network, you need to mitigate the impact. To that end, as part of your overall network security strategy, I highly recommend micro-segmentation, a proven best practice to reduce the attack surface and ensure that a network is not relegated to one linear thread, safeguarding against full-scale outages. Employees also need to know what to do when the network is under attack. They need to study, understand the corporate playbook and take action immediately. It’s also important to consider the form and frequency of back-ups and ensure they are offline and inaccessible to hackers.    

Smart Migration To The Cloud

Migrating to the cloud has historically been reserved for advanced industries. Still, increasingly we are seeing the most conservative vertical sectors, from finance to government, adopt a hybrid or full cloud model. However, the move to the cloud does not necessarily mean that traditional data centres are being eliminated. Large institutions have invested heavily over the years in on-premise servers and will be reluctant to remove them entirely. That is why many organisations are moving to a hybrid environment where certain applications remain on-premise, and newly adopted services are predominantly transitioning to cloud-based software but this means that security has become more complicated. And since these systems need to coexist, it is imperative to ensure that they communicate with each other. As a security professional, it is incumbent upon you to be mindful of that; it is your responsibility to secure the whole estate, whether on-premise, in the cloud, or in some transition state.  

Adopting A Holistic View Of Network Security Management

More frequently than not, I am seeing the need for holistic management of network objects and IP addresses. Organisations are experiencing situations where they manage their IP address usage using IPAM systems and CMDBs to manage assets. Unfortunately, these are siloed systems that rarely communicate with each other. The consumers of these types of information systems are often security controls such as firewalls, SDN filters, etc. Since each vendor has its own way of doing these things, you get disparate systems, inefficiencies, contradictions, and duplicate names across systems. These misalignments cause security problems that lead to miscommunication between people so consider a system that aligns these disparate siloes of information into one holistic view.     

Conclusion

If there’s anything we’ve learned from the past two years is that we cannot confidently predict the perils looming around the corner. However, there are things that we can and should be able to anticipate that can help you avoid any unnecessary risk to your security networks, whether today or in the future. 

Avishai Wool is CTO and Co-Founder of AlgoSec

You Might Also Read: 

Employee Cyber Security Training Is Vital To Reduce Cyber Attacks:

 

« Israeli Government Websites Knocked Offline
How To Improve Cyber Security Visibility & Control »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Ground Labs

Ground Labs

Ground Labs is a security software company dedicated to making sensitive data discovery products that help organisations prevent sensitive data loss.

KoolSpan

KoolSpan

KoolSpan’s security and privacy solutions address the growing threat of loss or theft of intellectual property, information, and proprietary assets.

tietoevry

tietoevry

Tietoevry creates digital advantage for businesses and society. We are a leading digital services and software company with local presence and global capabilities.

Learning Tree International

Learning Tree International

Learning Tree's comprehensive cyber security training curriculum includes specialised IT security training and general cyber security courses for all levels of your organisation including the C-suite.

Tempest

Tempest

TEMPEST is a leading provider of IT products and services including solutions for network and application security.

GuardSI

GuardSI

GuardSI was created to protect companies from growing threats to security such as fraud, hacking, internal theft, accidents and human mistakes that can directly affect the business.

ADL Process

ADL Process

ADL Process offer secure data destruction, certified product destruction and responsible electronics recycling services to businesses and institutions.

Basque Digital Innovation Hub (BDIH)

Basque Digital Innovation Hub (BDIH)

The aim of the BDIH initiative is to provide industrial enterprises, especially SMEs, with the technological capabilities needed to meet the challenges of industry 4.0.

Gray Analytics

Gray Analytics

Gray Analytics is a Cybersecurity Risk Management company providing best-practice services across a broad spectrum of cyber scenarios for both government and commercial customers.

Telsy

Telsy

Telsy is a security partner for ICT solutions and services. We help you implement effective security solutions that increase your risk mitigation ability and your responsiveness.

MDSec

MDSec

MDSec is a consultancy with a passion for information security. Our consultants specialise in application, mobile and hardware security and targeted red team attacks.

Atlantic Data Security

Atlantic Data Security

Atlantic Data Security is skilled in the analysis, recommendation, deployment, and management of all critical components of the security infrastructure.

Arcserve

Arcserve

Defend your data with Arcserve all-in-one data protection and management solutions designed to be the right fit for your business, regardless of size or complexity.

Comcast Technology Solutions (CTS)

Comcast Technology Solutions (CTS)

Comcast Technology Solutions delivers proven technologies for global video, media, communications, data applications, and cybersecurity & compliance.

Dotsquares

Dotsquares

Dotsquares leverage the latest web and mobile technologies to build, grow and support your business.

Blockaid

Blockaid

Blockaid is the onchain security platform for monitoring, detecting, and responding to onchain and offchain threats.