Addressing the issue of enterprise security in 2019 has become a top concern for many businesses that still seem to flounder when attempting to apply a solution to this vexing problem.
Marriott. Facebook. Ticketmaster. Those are just a few of the brands that suffered the most significant headline-grabbing security breaches of the past year. And according to a study reported by ZDNet, one in three enterprises say they aren’t “confident” they could fend off an attack that would lead to a breach.
Research by Kaspersky Lab, which surveyed 6,000 employees at companies varying in size and location, found that the average security breach costs an enterprise organization about $1.23 million. That doesn’t include the cost for recovery, which is estimated to be $1.6 million.
These costs don’t include the price of losing consumer trust, which could cause a massive financial impact on any brand. When enterprises add all of that up, it’s easy to see why prevention is a topic on the minds of many executives today.
How can you ensure your enterprise networks are secure?
At Ziften, we focus on real-time and historical endpoint and server monitoring for our customers. By doing so, we can protect against advanced threats and remotely respond to confirmed threats within their environments.
I’d argue that, without continuous cyber visibility, companies have little chance to combat today’s sophisticated attacks. So, what can enterprises do to begin to address their cybersecurity?
Assess – and reassess – networks. By performing network penetration tests, reviewing and refining network segmentation, and monitoring continuously for traffic or data-flow anomalies, enterprises can head off trouble before a crisis ensues.
Because enterprise networks are so complex and always in flux, they’re susceptible to attacks. Even the best network security architecture can easily become a target when an alteration or change in configuration is made. Just one careless configuration error can land a company on the list of those that have been breached. Attackers constantly probe networks for weaknesses, which means any misstep can have massive consequences.
To avoid putting networks at risk, your IT team should reassess network protections and revalidate network segmentation on-premises and in the cloud. Ensure that your team is conducting network penetration tests and monitoring for abnormalities in data flow and traffic.
To capture events and detect unusual activity, create a block diagram of all cyber assets. Label it with the tools employed to observe and analyze each type of activity. If there are gaps, make a plan to address them. Ensuring visibility of cloud services, networks, systems, applications, databases and user sessions is vital, either by an internal security operations center (SOC) or by a managed security service provider (MSSP).
Stay vigilant by keeping in mind that attack activity is the rule, not the exception. Being complacent can create danger across an enterprise. Attackers often place reentry hooks into your endpoints and network devices that may be compromised. Everything is vulnerable and must be scoured for possible breaches. Remember that attackers can be persistent, so never lower the defenses.
While perimeter protection does serve a purpose, they’re insufficient. They can be subverted. By taking inventory and retiring systems, devices, applications, and entitlement grants that aren’t trustworthy, enterprises can stem attacks.
The business is subject to both external attacks breaching the perimeter and malicious insider threats. For this reason, decisions about authorization or authentication should always be made with risk in mind. By continuously monitoring for anomalies, access can be suspended or revoked if suspicious activity is detected.
Exercise constant vigilance to avoid attacks.
By following these guidelines, an enterprise can greatly increase its odds of staying safe and avoiding an attack.
Constant vigilance is needed to ensure the cybersecurity of businesses today. New threats and a host of cybercriminals await the moment a company’s guard is down. There’s never a time when an enterprise should feel as though it isn’t vulnerable. Endpoint security should always be top of mind. Protect the network and watch for anomalies.
originally posted on Forbes.com by Mike Hamilton
