Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Outside the Comfort Zone: Why a Change in Mindset is Crucial for Better Network Security

Stepping outside the confines of our comfort zone and embracing a mindset that prioritizes adaptability, shared responsibility, risk-awareness, and preparedness is indispensable in fortifying defenses in the modern distributed network.

Network Security

Change is constant but it is not always wanted nor easily accepted. For the last two decades, the enterprise network has primarily consisted of appliances deployed in a controlled number of settings and locations. As such, security has typically been handled with intrusion detection (IDS) or intrusion prevention systems (IPS), firewalls, and other legacy tools. Those of us on the security team became familiar with the tools and managing them became very rote and process driven. We got very good at being comfortable because we knew we could see the traffic and activity that we needed to see and we could react very quickly because we knew what tools to use. After all, we had seen it all before.

Then along came COVID. COVID served as a catalyst for accelerating technological change, bringing an unprecedented shift in how businesses leverage technology, and propelling advancements that might have otherwise taken years to materialize. It forced us all out of familiar work and social routines and it forced businesses to make immediate changes to their infrastructures, accelerating the adoption of remote work technologies like video conferencing, cloud-based collaboration tools, and virtual private networks (VPNs). Gone were the neatly confined work stations at designated office locations managed by a centralized security operations center (SOC). Individual work stations where ever employees lived very quickly became the new normal.

These changes also opened a Pandora’s box of opportunity for attackers who now had a new landscape of devices that they could exploit and that spread far beyond the control of a traditional SOC. In fact, research found that previously unseen malware and other malicious activity jumped from 20%, prior to the pandemic, to 35% in just the first few months of the outbreak. The interconnected distributed network meant that the security measures we had once relied on, were no longer sufficient in keeping up with increasingly sophisticated cyber threats. We had to step out of our comfort zones and embrace a more proactive approach. The question became: how do we do this?

As with any change, there is always resistance and accepting that the “old” way of doing things is no longer sufficient can be challenging. However, we must adopt a mindset that acknowledges that the dynamic and dispersed nature of threats in a post-pandemic world means that we have to embrace new ways of staying up-to-date on the latest security trends, emerging vulnerabilities, and evolving attack vectors. This proactive approach will better allow for the swift adoption of new security measures and tools as well as the adaptation of existing protocols to effectively counter emerging threats.

Moreover, cultivating a culture of shared responsibility is essential. Often the assumption that network security is solely the responsibility of IT professionals can lead to a fragmented approach within organizations. We have to make sure that we do not undo all of the work we have done to break down the silos within our organization. We can do this by emphasizing that every team member is a stakeholder in ensuring network security and promoting a collective effort towards safeguarding sensitive data and assets. This inclusive mindset encourages employees to become more vigilant, practice good cyber hygiene, and promptly report any suspicious activities.

Additionally, embracing risk as an inherent aspect of innovation is crucial for fostering a security-oriented mindset. If we fear failure or resist these changes we can hinder the adoption of new technologies or security measures that could potentially mitigate vulnerabilities. We would do better to reframe these risks as opportunities for growth and innovation. We can proactively assess and manage risks while embracing new solutions that enhance network security without stifling progress and ultimately even save costs.

That said, the significance of anticipating and preparing for worst-case scenarios cannot be overstated. If we operate with a mindset that acknowledges the possibility of breaches or security incidents, we are empowered to develop robust incident response plans. By refining our response strategies, we minimize the impact of potential breaches, and we can swiftly mitigate the aftermath of security incidents.

Stepping outside the confines of our comfort zone and embracing a mindset that prioritizes adaptability, shared responsibility, risk-awareness, and preparedness for worst-case scenarios is indispensable in fortifying defenses in the modern distributed network. If we welcome this transformative mindset as a security team, we will not only enhance our security posture but also pave the way for more resilient and proactive approaches and ultimately prove that no matter how uncomfortable change can be, in the end we will be better – and more secure – for it.

Advertisement. Scroll to continue reading.
Written By

Matt Wilson is the Vice President of Product Management at Netography. Over his 25+ year career, Matt has held senior technology leadership positions across numerous industries including Neustar, Verisign, and Prolexic Technologies. With a rich background in innovation and go-to-market strategies, Matt has been a critical leader in helping many companies conceptualize solutions from the customer lens and drive them to market with significant impact.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.