Cyber Security network forensics

Published on October 14th, 2014 | by admin

Perimeter Defenses Are Not Enough

network forensics

Whether you know it or not your company has been breached or at some point will be breached. The truth is it’s not if, it’s when.

Information security and data protection is at an all-time high. Due to the increasing cyber threats organizations are facing, they can no longer get by with a firewall and anti-virus security alone. The minimalist approaches are neither adequate nor acceptable to today’s cyber security environment.

Enterprises such as Target, JP Morgan, Google and Home Depot have all been breached. Millions of clients’ personal information was stolen, from email addresses to credit card numbers. The biggest hack so far this year (2014) was eBay. In May, eBay revealed that hackers managed to steal personal records of 233 million users. The hackers successfully stole eBay credentials and managed to gain access to sensitive data. Even though they revealed it in May the hack actually took place between February and March. This brings up concerns in regards to eBay and many other enterprise companies’ cyber security strategies.

When it comes to perimeter defense you need to have multiple layers.

Layer 1 – Perimeter Network Protection

The outer edge of your network is what you protect first. This would be accomplished with IDS, IPS, VPN device, Stateful firewall and/or Static packet filter.

Layer 2 – Individual Network Protection

Interior protection (individual computer) requires a personal firewall. You could also have ingress and egress filtering on every router along with IDS sensors.

Layer 3 – Software Protection

Protecting yourself against malicious content is just as important. Integrating antimalware that has real time scanning, plus regularly scheduled complete system scans on each computer will further prevent attacks.

Layer 4 – Common Sense

Use common sense when installing software and when using your computer. Your personal awareness is important when taking actions not just at work but outside of work as well.

  • Don’t open emails unless you know who it is from, why it was sent, and if it is even relevant to you.
  • Don’t install any software, without researching prior.
  • Don’t expose your company to any outside devices such as your laptop, USB, or mobile devices.

All of these layers are necessary to protect yourself from cyber threats. Although there is a missing layer that many companies do not have and over look.

Layer 5 – Network Forensics

The most over looked defense is network forensics. When breached it will provide the ability to not just identify irregularities in your network but most importantly tell you:

  • How it happened.
  • Who beached your defenses.
  • Where it came from.
  • How they got in.
  • What assets were compromised.
  • What data was taken.
  • If they are gone.
  • How to recognize it next time so you can stop it.

network security layers

Having the ability to identify each of these allows your company to grow and keep up with the increasing amount of cyber-attacks. Thus, becoming self-sufficient and potentially saving millions of dollars by decreasing the number of vulnerabilities, third party cyber security services, and the severity of breaches.

 

 Does this software exist?

Yes! To learn more about it click here.

Tags: , , ,



Leave a Reply

Back to Top ↑

Show Buttons
Hide Buttons