At the start of a new decade, it’s already clear that the 2020s won’t be a cakewalk when it comes to enterprise security. Analysts predict an increase in targeted ransomware attacks, as well as increase nation-state attacks from the likes of Russia and China, among others. Many predict these players will attempt to carry out numerous operations against countries worldwide. Finally, the introduction of 5G communications and the exponential boom of IoT devices will also increase the frequency of attacks against smart devices.
It’s not all bad
At this point in the conversation, you may be asking yourself: ‘Great, is there any good news around cybersecurity!?’ Luckily, the short answer is yes. In many cases, the best defense means embracing the things you can control and making the most of the tools companies already have in place. Let’s dig deeper into these two areas to learn more.
If you don’t already, start a security awareness program – One of the best ways to increase security controls includes building a security awareness program to educate employees about how to spot potential attacks. The most effective awareness programs cover timely examples to motivate employees to follow best practices and to spot phishing schemes, plus they offer how-tos for regularly patching software. Also, with your security awareness program, incorporate a variety of tools to fit the needs and preferences of different demographics. Security awareness materials can include blogs, newsletters, posters, games, or phishing simulations, etc. The programs that can get the most people to participate are the most effective. Incentivized security activities that award desired behaviors can also make learning about security fun. Programs vary, but effective gamification techniques allow team members to earn points by being security conscious, such as finding bugs in software, reporting a phishing message, or taking a training course. Then, employees can use points towards rewards that are in line with the organization’s culture.
Leverage firewall tools, including embedded DNS security – Many companies already have next-generation firewalls (NGFs) that include advanced protections such as, network segmentation and Domain Name System (DNS) protection. Take advantage of options available within your next-generation firewalls and make sure your team knows how to use them properly. DNS security uses machine learning and automation to analyze massive amounts of network data to predict better, detect, and block malicious domains. Another way integrated DNS security function work is by neutralizing DNS-tunneling attacks. These sophisticated and persistent attacks are often hard to detect because hackers use these tunneling techniques to ‘smuggle out’ sensitive data through firewalls by impersonating legitimate DNS requests.
Refocus on network segmentation – Another set of tools probably already available within your firewall, includes network segmentation capabilities. Network segmentation is a technique for dividing a single network into multiple networks to reduce attack surfaces and risk. Network segmentation limits the amount of sensitive data that a bad actor can get access to in the event of a data breach. IT teams should refocus their efforts on setting up network segments across the enterprise, especially in the IoT era, when ‘connected things’ can quickly and inadvertently serve as an open door for hackers.
Act with a sense of urgency
When it comes to protecting the enterprise against the barrage of security threats, businesses need to use all the tools at their disposal. Strategic leaders and IT teams should start by leveraging advanced features that are already available in next-generation firewall systems and by beefing up with security awareness programs. The smartest companies are learning that it is never too late or too early to refocus on cybersecurity.