If there’s been a silver lining to the string of devastating cyberattacks against some of the biggest organizations in the world over the last year, it’s that the list of “what not to do” has continued to grow, putting other companies on notice.
If you use a third-party vendor, for example, make sure their networks are just as secure as your own. When there are known security vulnerabilities, reconsider using end of life operating systems like Windows XP on your devices.
These are some of the most prominent recent lessons, but there are plenty of other threats to network security lurking just below the surface. And these are the vulnerabilities that attackers will look to exploit. After all, why would they target a well-defended vector when there may be an easier point-of-entry somewhere else? That would be like a burglar trying to break down a locked door, instead of checking first to see if maybe a window was left cracked open.
In today’s business environment, the list of overlooked network security threats is endless. Information security professionals are modern-day gladiators, tasked with defending corporate data and networks against both known and unknown threats, but no matter how skilled they are, there will always be new threats to their networks. Here are seven to think about:
1. Rogue Employees
2. Delayed Device Deprovisioning
3. A Single, Vulnerable Security Vendor
4. Out of Date Software
5. Failure to Adapt to New Technology
6. Security Solutions and Policy Misalignment
7. Shadow IT
|REGISTER FOR WEBINAR|
Most working environments would be lucky to be vulnerable to only one of these. The reality is, these threats are so pervasive that many information security professionals are bound to face multiple iterations of each, all simultaneously. They’re fighting an ongoing war on several fronts, in which the enemy’s resources are never fully depleted. And in some ways, the enemy continues to gain the upper hand – the average data breach costs about $145 per compromised record, up 9 percent from two years ago.
Yet, it’s not a losing battle. Information security professionals can emerge victorious. The best approach, after uncovering the threats, is to develop and execute a sound approach to network security, as well as enforcement of these policies. Security, flexibility and ease of management all have to work in sync to maximize success. It’s how you train your employees. It’s the technology you choose to adopt. It’s the processes that tie all of your security initiatives together.
So if you’re an information security professional, don’t be afraid to find and eliminate these threats.
Go ahead, be a hero.
To learn more, join NCP engineering and Julian Weinberger, CISSP, Director of Systems Engineering, for the webinar, “7 Security Threats You May Have Overlooked,” Tuesday, November 18, 2014 at 11:00 a.m. PST. Attendees will also receive a copy of our white paper on the same topic.
Want to learn more threats to your company’s network?
In 7 Security Threats You May Have Overlooked, we cover:
– How to handle environments fraught with rogue employees, personal devices, and EOL products.
– A sound approach to security policies and their enforcement, including the important of executive involvement.
– A new way to think about VPN solutions to simultaneously maximize security, flexibility, and ease of management.