Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

No More Network Blind Spots: See Um, Secure Um

East Coast summer nights of my childhood were thick with humidity, fireflies and unfortunately, merciless mosquitoes and biting midges. So, when a West Coast friend said she had a summertime no-see-um tale to tell, I was ready to commiserate.

East Coast summer nights of my childhood were thick with humidity, fireflies and unfortunately, merciless mosquitoes and biting midges. So, when a West Coast friend said she had a summertime no-see-um tale to tell, I was ready to commiserate.

My friend likes to camp – alone. Not in deep, dark, remote backcountry, but, you know, at drive-in campgrounds. Pull in, pitch a tent, camp – that’s her style. While not the most private, she likes the proximity to restrooms and even, people.

Before one adventure, she was gathering provisions at Costco when she saw a “no-see-um” tent for sale. “Well, this is exactly what I need,” she thought. No longer would she have to lower her “shades” or head to the restroom to change. She’d be free to undress in her tent, relax and fall asleep to the hum of an adjacent freeway.

Of course, we can all figure out how this story ended. After having enjoyed her newfound freedom for an evening, she returned the following morning from a visit to the loo only to realize the naked truth.

Like A Good Boy Scout, Are You Prepared?

While my friend’s false sense of security bordered on the ridiculous – okay, it was ridiculous – it speaks to the potential for misjudging cybersecurity readiness. Her problem was that she felt secure when she wasn’t – a blind spot of sorts that could have led to more than just awkward consequences.

In a way, the same holds true with enterprises who have bought innumerable security tools – perimeter firewalls, endpoint antivirus, IPSs – to keep prying eyes out. They, too, often have a false sense of security. Unlike my friend, it’s not that they don’t understand how these tools work; rather it’s that they don’t understand that these tools cannot provide complete network protection.

There are simply too many bad guys and too little time to detect and prevent all cyberattacks. Not only is malware everywhere – for example, zero-day exploits and command-and-control infrastructures are available for purchase at a moment’s notice by anyone with a computer and the desire to wreak havoc – but with data flying across networks at increasing speeds and volumes, it’s more and more difficult for enterprises to do any intelligent analysis to uncover threats and prevent attacks from propagating across core systems.

Detecting compromises is hard. It requires monitoring a series of activities over time and security tools only have visibility into a certain set of activities – most cannot see and comprehend the entire kill chain. This incomplete view is more than problematic – it’s dangerous.

In fact, according to 67 percent of respondents to a new Vanson Bourne survey, “Hide and Seek: Cybersecurity vs. the Cloud,” (PDF) network blind spots are a major obstacle to data protection. The survey, which polled IT and security decision-makers on network visibility and cloud security preparedness, also revealed that 43 percent of respondents lack complete visibility into all data traversing their networks and half lack adequate information to identify threats. By all counts, such data blindness could lead to serious security implications – not only within enterprise environments, but also in the cloud, where 56 percent of respondents are moving critical, proprietary corporate information and 47 percent are moving personally identifiable information.

See the Forest and the Trees

Sometimes we apply an available tool because it sounds like it’ll do the job – ahem, my dear friend and her no-see-um tent – but fully understanding the purpose and assessing the efficacy of your security tools isn’t a minor detail to be overlooked. Enterprises who’ve been buying more tools to address the security problem are beginning to question if they are getting the right return on their investments, especially when they have no means to measure how secure they are. To further complicate matters, more tools often increase the complexity of security architectures, which can exacerbate the data blindness issue.

So, what can be done? For sure, preventative solutions shouldn’t go away – they play a critical role in basic security hygiene and protecting against known threats – but they must be augmented with solutions for better detection, prediction and response in a way that doesn’t create more blind spots. In other words, with a new approach that is founded on greater visibility and control of network traffic to help increase the speed and efficacy of existing security tools and that allows enterprises to say, “Okay, this is where my investments are going and these are the gaps I need to address to become more secure or even, to identify if it’s possible to become more secure or not.”

If you’re unsure how secure your network is, maybe start with a few simple questions:

• Can you see into all data across your network? Or does some data remain hidden due to silos between network and security operations teams?

• Are your security tools able to scale for faster speeds and increased data volume? Without diminishing their performance?

• What about your cloud deployments – are they being used securely? Is there clear ownership of cloud security?

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...