Enterprises At Risk: Could Poor Network Visibility Be To Blame?

by Steve Hunter    Dec 03, 2018

network

Enterprises are undergoing dynamic shifts due to unseen levels of interconnectivity among industrial and other control devices and systems. However, the rise in the number of IP-connected smart devices – or the ‘Internet of Things (IoT)’ – in enterprises are leading to greater security threats, which most organizations are not equipped to recognize or prevent. This is because, for the longest time, IT security experts have relied on traditional cyber defenses to secure a network at the perimeter. The principal area of focus for security architects has been to build a strong perimeter to protect a linear, uncomplicated network of systems – a concept that is fast diminishing with the new level of connectivity that non-traditional IP-connected devices have brought into modern organizations.

Lack of device visibility and rising IoT anxiety

Every new device that comes online through an enterprise network poses a risk by creating a new path for threat actors to breach the perimeter. There is no doubt that IoT, cloud computing, and operational technology enable a great amount of business benefits, including operational efficiencies and cost savings. However, at the same time, they create blind spots which cannot be tackled by conventional agent-based security mechanisms.

From connected lighting systems to printers and even vending machines that are seen in enterprises today, along with a BYOD (bring-your-own-device) culture, organizations are faced with a growing challenge to keep their networks secure as numerous traditional and non-traditional devices are coming online. Therefore, it is imperative to have complete visibility across an enterprise network to be able to detect each device as it comes online. A lack in device visibility can substantially amplify the risk to an organization. All a bad actor needs to compromise an entire network is a single, unsecured device. If a breach is successful, the ramifications are far-reaching and can negatively impact the bottom line and overall trust.

Organizations are facing network-complexity challenges as many operate with siloed technologies that create security gaps. As organizations begin to allocate their cybersecurity budgets, IT experts need to implement new strategies that prioritize visibility. Doing so can help ensure that organizations are equipped with the appropriate tools to comply with regional and global regulations as well as maintain a healthy cyber posture.

 Agentless security solutions for effective network visibility and monitoring

Dependence on being connected for enterprise efficiencies is going to continue to increase, requiring a shift towards security solutions that are continuous, scalable, and agentless. To overcome the risks of today’s evolving threat landscape and to strengthen an organization’s cyber hygiene, businesses must focus on agentless solutions that offer:  

·         Visibility: Protecting the extended enterprise requires knowing how many and what kind of devices are connected to it, along with who owns them – employees or contractors. An agentless security solution is capable of discovering devices, virtual servers and public cloud platforms the minute they connect to the enterprise network. It also classifies and profiles each device, user, and application, assesses their interactions with the networks, and monitors their security posture in real time.

·         Control: With greater visibility of the devices across the network, an agentless security system enforces necessary measures to control access with moderate to high-level restrictions on activities using automation. The solutions’ reporting mechanism informs IT administrators, security teams, and end users about potential issues, and immediately blocks or quarantines devices that have been compromised.

·         Management: It is crucial to implement security solutions that are agentless as well as heterogeneous to help eliminate security silos by being able to work with an organization’s existing, third-party technology. This allows network administrators, CISOs, and management to access timely updates on an enterprise’s security posture as well as rapidly identify any potential security gaps that need attention.  

As cyber criminals continue to be persistent and increasingly become more sophisticated, outdated security protocols and solutions don’t stand a chance against evolved threats. Securing the enterprise network starts with seeing what is connected across the extended enterprise. It is no longer just an IT issue given the surge of interconnected devices in the workplace and the risk that businesses face – today, cybersecurity is a critical business issue.

 

(The author is Senior Director, System Engineering, APJ, ForeScout Technologies)