FEATURE : NETWORK SECURITY home office networks , personal devices , the cloud and third-party partners . The result said Jadallah is that shared corporate networks are more vulnerable than ever and can be accessed easily with only one connected device being compromised . “ Now , companies need to make foundational investments to ensure long-term protection from bad actors . Shortcuts and addressing individual problems will not stand a chance against growing and evolving cyberthreats , but businesses can stay ahead of the cyberattack curve by investing and sustaining cyber solutions ,” he said .
Maher Jadallah , Senior Director MENA , Tenable
He explained that organisations need to be able to determine what vulnerabilities exist within their entire infrastructure – both IT and OT , affecting which assets . “ In addition , they need to be able to prioritise the vulnerabilities that pose a real , versus theoretical risk – so those that are being actively exploited . This intelligence allows them to focus efforts on those vulnerabilities that matter and fix these first . When we think of traditional network security , the premise is to fortify the perimeter . The aim is to prevent threats outside of the network from getting in . The downside is that , once users or bad actors clear the perimeter , they are free to move about the network , taking whatever , they find with them as they leave ,” he added . Traditional perimeter security simply isn ’ t enough to protect multiple environments against today ’ s cybercriminals . Instead , IT and security teams need to adopt a model in which nothing – no device , person , or action – is inherently trusted .
Pasha said CIOs along with their IT teams need to think in a Zero Trust strategic mindset and focus on understanding where the crown jewels are and what is critical to the business . He said with that understanding they can build a cyber response strategy should those crown jewels come under attack and ensure they have full visibility and ability to respond to every malicious incident they see .
“ As an organisation ’ s data moves beyond the traditional organisational boundary , CIOs and IT teams must first identify where the resources are ( data , applications , assets , and services ). Network Security today has no boundary . Organisations should focus on cloud , endpoint and the traditional on-premise network as the areas to secure , and tools such as next-gen firewalls , cloud security , endpoints , etc . should be automated , simple to deploy and use and above all else , easy to integrate ,” he added . “ They should be used as a singular platform vs point vendors or tools creating more complexity and fragmentation in the network which will eventually lead to complexity . Generally , selecting the best tool often means you should determine how easily it can integrate in your overall platform . A tool can be very strong , but if it doesn ’ t report , orchestrate defence or share threat intelligence with your other network security tools , it becomes its own silo and therefore has to be managed separately which takes up more resources .”
Pasha said some common mistakes generally that CIOs and their teams make include picking point products and not focusing on the whole security platform , or not clearly understanding where the crown jewels of the organisation are and how they share data and are reliant on the rest of the network .
“ CIOs when designing their network security at times
do not follow best practice standard to secure the environment such as NIST , CIS , ISO amongst many . In addition , it is essential to have a clear roadmap for transformation – often CIOs build an IT strategy without keeping cybersecurity in mind from the beginning . It is recommended to use zero trust and an automated security operations centre to support the cyber security programme ,” he said .
Pasha pointed out that organisations should focus on a cyber resilient framework which looks at the organisational culture , policy , process , strategy and the technology critical to building it . “ It is advised to have consistent penetration tests to understand the gaps , both from an internal and external points of view . My recommendation is to rotate the penetration test partners every year to get differing points of view ,” he said . “ Moreover , organisations using an attack surface management capability which gives a real-time attacker point of view is important , as well as building a highly autonomous security operations centre to catch malicious behaviour in real-time .”
According to Tenable ’ s Jadallah , going forward , the focus must also be placed on securing accounts – employees , service contractors , temporary workers , systems accounts and others – and their access to and permissions across systems . “ The old adage , that the best defence is an offence , stands true in cyber . The more you can prepare and harden systems , it will help reduce the business risk from cyberthreats ,” he said . p
www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 53