Network Security: 5 Key Questions a True Solution Should Address
Over half of the industries linked to national security have suffered cyber attacks on their networks, according to a new Symantec study. Yet only one-third of critical industries “feel extremely prepared” for cyber-related attacks. 71 percent of network security operations managers said that their companies have inadequate cyber security protection, according to another recent report.
Why is this? The truth is that IDS/IPS systems and other security solutions fail to give network engineers the details they need to locate and correct the source of an attack. Without detailed network analysis, security solutions are incomplete. A network recorder is one of the most common tools used today to record all the data throughout a cyber attack. With this approach, post-event analysis exposes the attacker, method, and damage.
Firewalls and other perimeter defenses do not provide enterprise networks with the protection they need from viruses and other forms of malware or from DoS attacks. Especially in the age of mobile users, laptops, and wireless networking, the danger facing networks often comes from the inside.
The recent Stuxnet worm showed it is possible for attackers to carry out a “first strike” through a cyber attack. With the entire attack recorded, organizations are more likely to prevent similar attacks from happening in the future.
Here are five key questions a true cyber security solution should address:
1. Who was the intruder?
2. How did the intruder penetrate security?
3. What damage has been done?
4. Did anything get left behind?
5. Did you capture sufficient information to effectively analyze and reproduce the attack?
While data recorders will not prevent a zero-day cyber attack, the information they provide can lead to an informed and efficient security posture within an organization. It is more important than ever that organizations arm themselves with knowledge about cyber security and specific solutions before they become the next victim of a malicious attack.