- Ben Cole, Executive Editor
Companies are still adjusting to the new normal of network security, figuring out how to protect information with at least a percentage of their workforce conducting business remotely. But even before the COVID-19 pandemic further complicated network cybersecurity, systems and data were under pressure from a new class of threats much more complicated than typical phishing expeditions.
Hackers today use advanced techniques such as "island hopping" to attack enterprises via their more vulnerable business partners or tap into deepfake technology to fool user authentication mechanisms. Even nation-state hackers have moved beyond targeting huge corporations that operate industrial control systems. Information available on small companies' networks might provide insight into the operations at their larger business associates, for example, or about any dealings they have with the federal government.
The deep pockets and expansive resources at nation-state hackers' disposal make it difficult to protect against these types of attacks, especially for smaller companies unaware of how attractive their information is to foreign actors.
To keep pace in the current threat environment, network security must go beyond the basics. The future of network security, to be effective, requires implementing technological advances such as AI, machine learning, deep learning and automation to ensure teams are prepared to employ the latest threat countermeasures. The problem is that hackers are incorporating these technologies as well, creating a cybersecurity "arms race" to determine which side can use them most effectively.
The ability to quickly detect threats to users, devices and applications will be essential to ensure cybersecurity in modern organizations. Statistics show breaches often go undetected for months before they are discovered -- allowing attackers to take their time as they sift through and gather sensitive company data. Data lifecycle management and monitoring will go a long way toward catching breaches early. Strong user identification and verification methods are also required to offset these risks and to reduce network security vulnerabilities. In addition, companies can greatly benefit from sharing threat intelligence and cybersecurity data analysis with each other, helping determine mitigation best practices.
These constantly evolving network security threats can be overwhelming for CISOs and other company leaders. In this issue of Information Security magazine, get insights into the future of network security, including advice on how to incorporate the latest techniques and strategies to offset evolving cybersecurity risks. The information will prove invaluable as businesses' security leaders navigate the "new normal" of network security. (Then, take our quiz based on this issue. You'll earn CPE credit by answering nine of 10 questions correctly.)
- Tackling Mobile Security and BYOD Risks –SearchSecurity.com
- Enforcing Endpoint Security: Creating a Network Security Policy –SearchSecurity.com
- Desktop Admin for BYOD: Security Chapter –SearchSecurity.com
- E-Guide: Wireless LAN access control: Managing users and their devices –SearchSecurity.com