Embracing the complexity
It is no longer enough to be across the latest advancements and techniques used by cybercriminals every once in a while .
The rise of cloud , multi-cloud and now hybrid work has made enterprise networks very complex to untangle . But instead of fearing this complexity , CISOs might rather learn how to embrace and master it , just because things will only get more complex from here . strategic posts , as well as a need to better align the organization ’ s cybersecurity posture and strategy .
Hybrid work a hacker field day
Hybrid work has really created a whole new realm of threats and challenges for CISOs and security experts alike . Many of the remote or hybrid devices are still unknown and not managed by the IT department and connect to the organizations from outside of the network . This not only expands the attack surface – and makes attacks such as phishing more prevalent – but many of these devices and the networks they use to connect have little or no protection . This will be a major challenge for organizations to solve in the second half of 2022 .
Five steps to optimize IT infrastructure monitoring safety
Deciding what to monitor
Monitoring every single element of the IT infrastructure in depth would turn into an unwieldy endeavour ; every CISO has to pick their battle . Priority should be put firstly on the capture of status information about current network devices such as routers and switches as well as critical network servers , and secondly ensure that essential services such as email , website and file transfer services are consistently available .
Understanding the composition and complexity of the organization ’ s network , and having the capacity to be informed of how all the individual elements are performing at any given time is a key success factor in maintaining the performance and integrity of the network .
Navigating alert storms
Not understanding dependencies can lead to an aggravating condition called alert storms where alarms sent are not false , but rather unnecessary . Either the network monitoring solution or disparate monitoring tools are set to send alarms and alerts when there ’ s a problem with that particular component . IT needs to know which component is actually the problem and not be sidetracked by all the dependent component ’ s calls for help .
Depending on dependencies
Network monitoring must be dependency-aware . Not only do IT teams need to see all the network devices and services and how they interconnect , they should be able to analyze these automatically . Now , instead of that vexing alarm storm , IT is only alerted to the device that is actually at fault .
Consolidating around a central tool
Many organizations today rely on a myriad of tools to monitor their network devices . The solution to optimize network monitoring isn ’ t necessarily to throw away these tools , but rather not to depend upon them for things that a centralized network monitoring can more easily and effectively provide . CISOs should aim to build a consolidated view of their entire network infrastructure , with a holistic view that creates broad and deep visibility that can ’ t be matched by an array of disparate monitoring solutions .
With the cybercrime landscape moving so fast , CISO ’ s key word for the rest of the year needs to be preparedness . If you ’ ve been through the steps to prepare , and you practise regularly , then you can adapt and respond way quicker each time a threat , or a change happens . That ’ s really what creates resilience . p
46 INTELLIGENTCIO APAC www . intelligentcio . com