Six Must-Focus Cybersecurity Areas in Network Sprawl


By Zachary Folk, Director of Solutions Engineering, Camelot Secure

The anticipated benefits of 5G’s faster speed, lower latency, and greater capacity to accommodate many connected devices hold tremendous potential and promise. The Ericsson Mobility Report predicts that 5G subscriptions will reach 4.4 billion globally by the end of 2027 and reach 48% of total global mobile subscriptions. However, every new technology has the downside of bringing additional attack surfaces, exacerbating cybersecurity problems.

In addition to the massive number of new devices shuttling data over 5G networks, the stay-at-home workforce also adds to cybersecurity issues. In this relatively new environment, employees use personal devices to connect with corporate networks. Many of these devices don’t have the most recent security patches installed, which opens doors to advanced persistent threats.

Another “plus” in the cyber-attackers column is that many organizations are significantly understaffed with cybersecurity experts to monitor network traffic, identify the anomalies considered a top priority, and execute a process to contain threats. As attack surfaces grow, skilled IT staffs continue to dwindle. No matter what the cybersecurity staff size is, they must continue to focus on these six areas:

  1. Awareness and Monitoring – Get familiar with your attack surface and make sure you have up-to-date documentation of all connected assets. Use a Security Information and Event Management (SIEM) baselining software, a rogue system detection device, and a vulnerability scanner to help with the identification.
  2. Cybersecurity Training – It’s crucial to ensure the IT team knows how to identify potential compromises and the knowledge to report and escalate a response when needed correctly.
  3. Impact Reduction – Limit sensitive information and connectivity to vulnerable systems and have a well-trained Incident Response Plan (in-house or third-party) to address cyber threats.
  4. Vulnerability Management – A Vulnerability Management program will collect the latest threats and vulnerabilities, including threat intelligence. The data for the intelligence collection can be produced by a vulnerability scanner tailored to individual networks with a SIEM.
  5. Threat Information Sharing – Participation in threat information sharing platforms such as the Cybersecurity and Industrial Security Agency’s Automated Information Sharing program and the Cybersecurity Incident Response Center’s (CIRCL) Malware Information Sharing Platform (MISP), which is also known as the Open Source Threat Intelligence Platform (OSTIP) is highly recommended.
  6. Incident Response Training -Finally, prioritized training for SOC/NOC personnel that emphasizes how to conduct the processes outlined in the Incident Response Plan is needed, along with periodic (monthly) reviews of the Vulnerability Management Plan to ensure that it accurately incorporates assets and addresses all vulnerabilities.

New technologies indeed bring advancements in communication and computation. But these advanced technologies come with the warning that each newly connected device holds an additional gateway for hacker entrance. Enterprises are facing new vulnerability challenges against the backdrop of inadequate IT protection.

Cybersecurity professionals must automate network security using SIEM, rogue systems detectors, and vulnerability scanners to identify potential threats. For organizations lacking cybersecurity personnel or the necessary monitoring/analyzing tools, highly-trained, third-party cybersecurity professionals can perform all these preventative threat measures—often at a lower cost than one highly-trained cybersecurity professional.

Outsourcing cybersecurity responsibilities to a third-party security provider is similar to outsourcing data storage and processing to a cloud provider. Both bring cost, scale, and expert knowledge advantages to the table. As the border of today’s enterprise networks continues to creep beyond the confines of corporate walls, more skilled cybersecurity teams and advanced automation tools are needed to mitigate risks and diminish attack surfaces.

About the Author

Zachary Folk currently serves as the Director of Solutions Engineering at Camelot Secure. As an experienced Cyber professional, he has worked in roles ranging from System Administration to Information System Security Management. This experience allows him to help companies integrate technical solutions for compliance and security standards. He holds several top-level Cybersecurity Certifications and a bachelor’s degree from the University of Alabama in Huntsville.  Additionally, he has served 14 years as an Officer in the Alabama National Guard. Zachary can be reached online at zachary.folk@camelotsecure.com and at https://camelotsecure.com/.



Source link