Cyber Defense eMagazine December 2019

More documents

Recommendations

Info

101 • Centralizing Network Security Policy Management: Managing security configurations across vendors and platforms, on-prem and hybrid cloud, from a single console will reduce the effort of managing multiple platforms and ensure consistency across the distributed network. • Providing Network Visibility: Understanding the connectivity of your network allows you to identify the specific elements to be modified, meaning change requests can be fulfilled easier and with better accuracy. • Documenting Network Changes: When it comes time to proving compliance, if all network change requests are documented, searchable and readily available, your audit tasks will be fulfilled, and your staff’s time will be freed up for other critical functions. • Policy Cleanup Automation: As time goes by, firewall policies tend to grow in size and complexity. New access is added, but rules and objects are never removed. Cleaning up redundant rules can create a more readable, easier-to-manage policy, but firewall teams seldom have the time for a cleanup project. By automating the decommissioning of redundant rules and objects this can be achieved quickly and with a fraction of the effort. Automate Network Changes Far too many organizations manually process routine and low-risk connectivity requests. These manual processes not only require a significant amount of time, but they’re also prone to errors and misconfigurations which can lead to serious downtime, a failed audit, or worse yet, a breach. Automating network changes through a well-documented process increases an organization’s operational efficiency, without the need for additional staff. It also eliminates resource-intensive mistakes and re-dos. Ultimately, this means gaining better control over access changes and reducing overall risk, using the staff that you already have in place. Empower Novice Engineers In many cases the skill shortage means that the team has diverse knowledge levels leading to an uneven distribution of the workload. Experienced engineers who are very familiar with the network and/or the security standards will be assigned with most routine changes and tasks and will not have time to work on any strategic projects. The only way to distribute the load more evenly is to integrate the expertise into an automated process to empower the novice staff with the daily changes. For example, a large utility company in the US leveraged security policy automation to empower their entry-level engineers and free their experienced staff to focus on strategic projects. By leveraging automated risk analysis against a unified security policy (USP) they were able to ensure that access requests did not violate their network segmentation policy and did not introduce new risks. By leveraging policy-driven automation, the company ensured valid implementation of changes even by those engineers who hadn’t memorized every routing table. The automated process itself also helps ensure consistent implementation and documentation of all changes across the team.
102 Empower Other Teams Network and security teams are often assigned tasks that originate from other teams in IT. In some cases, these tasks can be offloaded into the broader IT group, especially with the right tools in place. Gartner fellow and research vice president Tom Scholtz states, “Many routine security functions can be performed as well by other IT or business functions.” Tom recommends that organizations identify functions or capabilities (such as user awareness communication) that can be handled elsewhere in the business or IT department. One example is provisioning network access for new servers or decommissioning access for outdated servers. The server team can be tasked with these changes as long as they have appropriate guidelines and guardrails to ensure they do not introduce new risks. An automated process for cloning the access policy from one server to another (or to a group of servers) can repeatedly save valuable time for the network team. Another automated process for decommissioning server access can complement the task and tighten network security. In addition, with automation, these tasks can be automatically integrated into the work of other teams and be completed without needing additional assets from the scarce cybersecurity resources. In this way, teams can decommission servers in the firewalls as part of the actual server decommissioning process that is happening elsewhere in IT, or clone its firewall rules as part of setting it up. This is also the case with risk analysis. In the manual days, every change request had to be manually checked for risks using resources that are in short supply. With change automation, risk analysis can happen as part of the automated change process, and only in cases where there is an actual risk, it will be forwarded to the risk officers for further analysis. Another example is managing application connectivity. Network teams have to enable connectivity for application teams in order to support the business. The language barrier between application owners and network engineers doesn’t make the task any easier. Application-driven automation for establishing and troubleshooting connectivity empowers the application teams to initiate requests and analyze disconnects, ensures security policy controls are baked into the process, and leads to tight cooperation between the teams. With analyst firm ESG’s annual global IT survey finding that the cybersecurity skills shortage has been increasing steadily – with 53 percent of organizations bemoaning a lack of necessary talent – it’s difficult to overstate the need to approach this problem in an inventive way. Organizations need to look for fresh ways to manage complexity and improve operational efficiency, which in turn will improve security. Security policy management and automation can enable organizations to better meet the demands of the modern era without being derailed by the cybersecurity skills shortage.
Page 1 and 2:
1 8 Most Common Cybersecurity Mista
Page 3 and 4:
2
Page 5 and 6:
4 The Internet Got Safer In 2019: A
Page 7 and 8:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 9 and 10:
8
Page 11 and 12:
10
Page 13 and 14:
12
Page 15 and 16:
14
Page 17 and 18:
16
Page 19 and 20:
18
Page 21 and 22:
20 8 Most Common Cybersecurity Mist
Page 23 and 24:
22 You can prevent (or decrease) th
Page 25 and 26:
24 While it’s not feasible to res
Page 27 and 28:
26 The major difference is the addi
Page 29 and 30:
28 Oh, my! PerCSoft’s Irony By Ch
Page 31 and 32:
30 • Conduct cybersecurity traini
Page 33 and 34:
32 Persistent Cybersecurity Industr
Page 35 and 36:
34 Automation is welcome and seen a
Page 37 and 38:
36 Protecting Against Modern Cybera
Page 39 and 40:
38 Conclusion Unfortunately, no tec
Page 41 and 42:
40 For 2020 The Death of Traditiona
Page 43 and 44:
42 The Next Five Years The End of E
Page 45 and 46:
44 Government Agencies Are Prime Ta
Page 47 and 48:
46 It’s a basic fact of contempor
Page 49 and 50:
48 simpler way to approach these pr
Page 51 and 52: 50 Why Outsmart Cyber Attackers Whe
Page 53 and 54: 52 Depending on how you look at it,
Page 55 and 56: 54 devices. Russian actors can extr
Page 57 and 58: 56 How to Become a Cybersecurity Sl
Page 59 and 60: 58 industry. Perform online searche
Page 61 and 62: 60 The Security Challenges of Robot
Page 63 and 64: 62 The typical approach in providin
Page 65 and 66: 64 The Blockchain And Wireless Tech
Page 67 and 68: 66 systems. As is quite well-known,
Page 69 and 70: 68 Benefits of Having an SSL Certif
Page 71 and 72: 70 Google has made SSL compulsory s
Page 73 and 74: 72 This year, privacy and security
Page 75 and 76: 74 The Perspectives Of The 5th Indu
Page 77 and 78: 76 The balance between offense and
Page 79 and 80: 78 The Rise of Cybercrime-As-A-Serv
Page 81 and 82: 80 About the Author Mark Belgrove i
Page 83 and 84: 82 the conflict. Practically, it’
Page 85 and 86: 84 fact is something that would see
Page 87 and 88: 86 Furthermore, Tessian in 2019 del
Page 89 and 90: 88 Automatic for The SOC People How
Page 91 and 92: 90 Allows Transparency and Drive Le
Page 93 and 94: 92 Only large enterprises can benef
Page 95 and 96: 94 The Growing Costs of Cyber Attac
Page 97 and 98: 96 After suffering a cyber attack m
Page 99 and 100: 98 Some of the most damaging Inside
Page 101: 100 Out-Smarting the Cybersecurity
Page 105 and 106: 104 New Security Report Highlights
Page 107 and 108: 106 The Threat Lab team also analyz
Page 109 and 110: 108 Drive, AWS, Office 365, etc. It
Page 111 and 112: 110 former governor, this bill also
Page 113 and 114: 112 I mean, if you want to be able
Page 115 and 116: 114 Is It Safe to Connect to Public
Page 117 and 118: 116 5. Safe Browsing Additional dil
Page 119 and 120: 118 flawed method in which Evernote
Page 121 and 122: 120 Really, Imagine a Day Without W
Page 123 and 124: 122
Page 125 and 126: 124
Page 127 and 128: 126
Page 129 and 130: 128
Page 131 and 132: 130
Page 133 and 134: 132
Page 135 and 136: 134
Page 137 and 138: 136
Page 139 and 140: 138 Meet Our Publisher: Gary S. Mil
Page 141 and 142: 140 Free Monthly Cyber Defense eMag
Page 143 and 144: 142
Page 145 and 146: 144
Page 147 and 148: 146 Nearly 8 Years in The Making…
Page 149 and 150: 148
Page 151: 150
show all

Cyber Defense eMagazine December 2019

Create successful ePaper yourself

Delete template?

Save as template?