Enterprise Infrastructure Security
Enterprises and corporations are increasingly becoming targets for cyber attacks. Security breaches are occurring more frequently and becoming more sophisticated. Attacks are growing in both number and complexity, and new tools and technologies are exposing organizations further.
Security defense strategy is lagging behind somewhere. Many organizations do not care about safety and security. I have some experience in participating in and conducting a global security survey from X firm, covering approximately 1000 enterprises, and from the consolidated survey result it was noticed that:
- Approximately 55% of organizations do not think about protecting their overall system.
- The biggest cyber threats to organizations are phishing, cyber attacks, malware, spam, fraud, internal attacks, espionage, etc.
- Most vulnerabilities lie in careless or unaware employees, outdated security controls, unauthorized access, use of smartphones, cloud computing and IoT.
- Approximately 53% of organizations do not have any system for breach identification, vulnerability identification, threat intelligence, data protection, or identity and access management.

However, there is some good news:
- New types of roles in an organization are emerging, such as Chief Security Officer (CSO) and Chief Information Security Officer (CISO), to focus specifically on the cyber landscape.
- The establishment of Security Operations Centers (SOCs) has increased gradually.
- Assessments such as vendor risk assessment, vulnerability assessment, penetration testing and forensic analysis, and the use of device-level security such as SIEM, DLP, zero trust, IDS/IPS, IAM and firewalls, have increased.
Here I can suggest a short checklist for infrastructure security, which can be taken as a best-practice approach with further consultation with experts. It can be implemented gradually, with proper design thinking and budgeting in advance.
- Protecting against offline access through endpoint encryption on desktops, laptops and servers by using Symantec Endpoint Protection, BitLocker, etc.
- Implementation of process execution prevention by using AppLocker, BeyondTrust, Avecto etc.
- Implementation of network segregation such as VLAN, IPsec, etc.
- Log review and analysis for anomalies by using SIEM tools.
- Keeping a regular automatic backup solution.
- Using centralized anti-virus solutions or anti-exploit solutions.
- Regularly performing configuration reviews, firewall policy reviews, vulnerability assessment and penetration testing, etc.
- Using Identity Management, Password Management, Data protection etc.
Therefore, organizations and enterprises need to look beyond preventive measures in their security assessments. There should be a robust cyber plan to improve their protection.
-DR