FEATURE : NETWORK SECURITY
“ As an organisation ’ s data moves beyond the traditional organisational boundary , CIOs and IT teams must first identify where the resources are ( data , applications , assets , and services ). Network Security today has no boundary . Organisations should focus on cloud , endpoint and the traditional on-premise network as the areas to secure , and tools such as next-gen firewalls , cloud security , endpoints , etc . should be automated , simple to deploy and use and above all else , easy to integrate ,” he added . “ They should be used as a singular platform vs point vendors or tools creating more complexity and fragmentation in the network which will eventually lead to complexity . Generally , selecting the best tool often means you should determine how easily it can integrate in your overall platform . A tool can be very strong , but if it doesn ’ t report , orchestrate defence or share threat intelligence with your other network security tools , it becomes its own silo and therefore has to be managed separately which takes up more resources .”
Emad Fahmy , Systems Engineering Manager ,
Middle East , NETSCOUT are free to move about the network , taking whatever , they find with them as they leave ,” he added . Traditional perimeter security simply isn ’ t enough to protect multiple environments against today ’ s cybercriminals . Instead , IT and security teams need to adopt a model in which nothing – no device , person , or action – is inherently trusted .
Pasha said CIOs along with their IT teams need to think in a Zero Trust strategic mindset and focus on understanding where the crown jewels are and what is critical to the business . He said with that understanding they can build a cyber response strategy should those crown jewels come under attack and ensure they have full visibility and ability to respond to every malicious incident they see .
Pasha said some common mistakes generally that CIOs and their teams make include picking point products and not focusing on the whole security platform , or not clearly understanding where the crown jewels of the organisation are and how they share data and are reliant on the rest of the network . “ CIOs when designing their network security at times do not follow best practice standard to secure the environment such as NIST , CIS , ISO amongst many . In addition , it is essential to have a clear roadmap for transformation – often CIOs build an IT strategy without keeping cybersecurity in mind from the beginning . It is recommended to use zero trust and an automated security operations centre to support the cyber security programme ,” he said .
Pasha pointed out that organisations should focus on a cyber resilient framework which looks at the organisational culture , policy , process , strategy and the technology critical to building it . “ It is advised to have consistent penetration tests to understand the gaps , both from an internal and external points of view . My recommendation is to rotate the penetration test partners every year to get differing points of view ,” he said . “ Moreover , organisations using an attack surface management capability which gives a real-time attacker point of view is important , as well as building a highly autonomous security operations centre to catch malicious behaviour in real-time .”
According to Tenable ’ s Jadallah , going forward , the focus must also be placed on securing accounts – employees , service contractors , temporary workers , systems accounts and others – and their access to and permissions across systems . “ The old adage , that the best defence is an offence , stands true in cyber . The more you can prepare and harden systems , it will help reduce the business risk from cyberthreats ,” he said . p
48 INTELLIGENTCIO AFRICA www . intelligentcio . com