Intelligent CISO Issue 51 | Page 76

need to better align the organisation’s cybersecurity posture and strategy.
Hybrid work a hacker field day
Hybrid work has created a whole new realm of threats and challenges for CISOs and security experts alike. Many remote or hybrid devices are still unknown to and unmanaged by the IT department, and they connect to the organisation from outside the network. This not only expands the attack surface and makes attacks such as phishing more prevalent, but many of these devices and the networks they use to connect have little or no protection. This will be a major challenge for organisations to solve in the second half of 2022.
Five steps to optimise IT infrastructure monitoring safety
Deciding what to monitor
Monitoring every single element of the IT infrastructure in depth would turn into an unwieldy endeavour; every CISO has to pick their battles. Priority should go first to capturing status information about current network devices such as routers and switches, as well as critical network servers, and second to ensuring that essential services such as email, website and file transfer services are consistently available.
Embracing the complexity
The rise of cloud, multi-cloud and now hybrid work has made enterprise networks very complex to untangle. But instead of fearing this complexity, CISOs should learn how to embrace and master it, because things will only get more complex from here.
Understanding the composition and complexity of the organisation’s network, and having the capacity to be informed of how all the individual elements are performing at any given time, is a key success factor in maintaining the performance and integrity of the network.
Navigating alert storms
Not understanding dependencies can lead to an aggravating condition called an alert storm, in which the alarms sent are not false but unnecessary. Either the network monitoring solution or disparate monitoring tools are set to send alarms and alerts whenever there’s a problem with a particular component. IT needs to know which component is actually the problem and not be sidetracked by all the dependent components’ calls for help.
Depending on dependencies
Network monitoring must be dependency-aware. Not only do IT teams need to see all the network devices and services and how they interconnect, they should be able to analyse these automatically. Then, instead of that vexing alarm storm, IT is only alerted to the device that is actually at fault.
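The dependency-aware filtering described above, sketched as an added example that is not from the original article or any particular monitoring product. The topology, the node names and the rule that a node stays reachable while at least one upstream is up are assumptions made for illustration.

```python
# Constructed topology: each node lists the upstream nodes it depends on.
# A node stays reachable while at least one upstream is up (assumption).
DEPENDS_ON = {
    "core-router": [],
    "dist-switch-1": ["core-router"],
    "dist-switch-2": ["core-router"],
    "mail-server": ["dist-switch-1"],
    "web-server": ["dist-switch-2"],
    "file-server": ["dist-switch-1", "dist-switch-2"],  # redundant uplinks
}


def triage(depends_on, down):
    """Split alerting nodes into root causes and suppressed symptoms.

    Returns (roots, symptoms); symptoms maps each suppressed node to the
    set of root-cause nodes upstream that explain its outage.
    """
    down = set(down)

    def at_fault(node):
        parents = depends_on.get(node, [])
        # No upstream, or an upstream that is still up: the fault is local.
        return not parents or any(p not in down for p in parents)

    roots = {n for n in down if at_fault(n)}
    symptoms = {}
    for node in down - roots:
        explained_by, seen = set(), {node}
        stack = list(depends_on.get(node, []))
        while stack:  # walk upstream until root causes are reached
            cur = stack.pop()
            if cur in seen:
                continue
            seen.add(cur)
            if cur in roots:
                explained_by.add(cur)
            else:
                stack.extend(depends_on.get(cur, []))
        symptoms[node] = explained_by
    # Never suppress an alert nothing upstream explains (e.g. a dependency loop).
    for node in [n for n, why in symptoms.items() if not why]:
        roots.add(node)
        del symptoms[node]
    return roots, symptoms


if __name__ == "__main__":
    roots, symptoms = triage(DEPENDS_ON, list(DEPENDS_ON))  # constructed storm
    print("alert on:", sorted(roots))
    print("suppressed:", {n: sorted(w) for n, w in sorted(symptoms.items())})
```

With redundant uplinks, a file server that is down while one of its switches is still up is reported as its own fault rather than hidden behind the failed switch.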
Consolidating around a central tool
Many organisations today rely on a myriad of tools to monitor their network devices. The solution to optimise network monitoring isn’t necessarily to throw away these tools, but rather not to depend upon them for things that centralised network monitoring can more easily and effectively provide. CISOs should aim to build a consolidated view of their entire network infrastructure, with a holistic view that creates broad and deep visibility that can’t be matched by an array of disparate monitoring solutions.
With the cybercrime landscape moving so fast, the CISO’s key word for the rest of the year needs to be preparedness. If you’ve been through the steps to prepare and you practise regularly, then you can adapt and respond way quicker each time a threat or a change happens. That’s really what creates resilience.