Sunday, May 1, 2011

Mind The Gap

Often, it's what we don't know that gets us in the most trouble. Take, for example, the CISO who protects the enterprise's cyber assets with firewalls and router ACLs; his or her mental image might look like this:


Why is it, then, that potential attackers see this as the level of protection?


The CISO has performed all the best practices regarding firewalls and access controls, but attackers invariably find gaps in security.

Bruce Schneier, the internationally recognized security guru, points out:
"In cyberspace, the balance of power is on the side of the attacker. Attacking a network is much easier than defending a network."
Why? The answer is fairly simple: enterprise networks have become too complex for their access controls to be analyzed using traditional manual processes. Yes, firewall rules can be reviewed and router ACLs can be examined as best practices dictate. But the actual security is determined by the interaction between dozens of such devices, each with hundreds if not thousands of rules. Even if any given device is providing the intended controls, the total effect may be like the closed gate in the image above: gaps in access controls may exist, and attackers can find them.

Verizon's 2011 Data Breach Investigations Report (DBIR) was recently released; two of its key findings were eye openers:
  1. 83% of victims were targets of opportunity; 
  2. 92% of attacks were not highly difficult. 
In other words, eliminating the most visible gaps in security may be enough to discourage cyber attackers, who function much like car thieves who walk through parking lots checking for unlocked cars. Note that in this example the best way to foil the car thieves is not necessarily to have the best anti-theft technology around, but simply to present more of a challenge to intruders than those who don't lock their cars.

How can this basic level of security be provided, to at least avoid being a target of opportunity? If the complexity of networks defies our ability to manually find access holes, what can be done?

The only possible answer is to employ security analytics that thoroughly examine the interaction between firewalls, routers, load balancers and switches to determine an organization's security posture. RedSeal Systems' Security Posture Management system is one of the few solutions available that provides a systematic, automated approach to continuous monitoring of access controls, thereby ensuring that security policies have been effectively implemented and maintained.
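
To make the point about device interaction concrete, here is an added example (not from the original post and not RedSeal's code) that checks a flow against every device chain between two segments rather than one device at a time. The topology, device names, addresses and rules are all constructed, and ACLs are treated as direction-agnostic for brevity.

```python
import ipaddress
from collections import deque

# Constructed topology: each device joins two segments and carries a first-match ACL
# of (action, source prefix, destination prefix, destination port or None for any).
DENY_ALL = ("deny", "0.0.0.0/0", "0.0.0.0/0", None)
DEVICES = {
    # Edge firewall: only the DMZ web server is published.
    "fw-edge": (("internet", "dmz"), [("permit", "0.0.0.0/0", "192.0.2.10/32", 443), DENY_ALL]),
    # Core firewall: only the web server may reach the database.
    "fw-core": (("dmz", "datacenter"), [("permit", "192.0.2.10/32", "10.10.0.5/32", 1433), DENY_ALL]),
    # Backup router: HTTPS to internal space, written assuming upstream filtering.
    "rtr-backup": (("internet", "branch"), [("permit", "0.0.0.0/0", "10.0.0.0/8", 443), DENY_ALL]),
    # Branch switch: "internal only", so everything is permitted.
    "sw-branch": (("branch", "datacenter"), [("permit", "0.0.0.0/0", "0.0.0.0/0", None)]),
}

def device_permits(acl, src, dst, port):
    """First matching rule decides; no match means implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, rule_port in acl:
        if (s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net)
                and rule_port in (None, port)):
            return action == "permit"
    return False

def open_paths(devices, start, goal, src, dst, port):
    """Return each loop-free device chain from start to goal on which every ACL permits the flow."""
    found, queue = [], deque([(start, [], {start})])
    while queue:
        seg, chain, seen = queue.popleft()
        if seg == goal:
            found.append(chain)
            continue
        for name, (ends, acl) in devices.items():
            if seg in ends and device_permits(acl, src, dst, port):
                nxt = ends[0] if ends[1] == seg else ends[1]
                if nxt not in seen:
                    queue.append((nxt, chain + [name], seen | {nxt}))
    return found

if __name__ == "__main__":
    # Flow under test: an Internet address reaching an admin console in the datacenter.
    print(open_paths(DEVICES, "internet", "datacenter", "198.51.100.7", "10.10.0.20", 443))
```

Each ACL matches its stated intent when read alone, yet the Internet-to-datacenter flow on port 443 is permitted end to end through the backup router and the branch switch, bypassing both firewalls.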
