Every facet of cybersecurity, from managing identity through to mitigating the risk of data loss has a link to the network and its supporting infrastructure.
Anthony Rees, the Field CTO at Lacework, says securing the organisational network is the highest priority facing security teams. By taking an ordered approach, organisations can mitigate the risk of their security corporate crown jewels being compromised.
“Cloud identity and zero-day vulnerabilities are the biggest risks I’m seeing today. Common vulnerabilities, like Log4J, WannaCry and HeartBleed can be very difficult to find and remediate,” Rees says.
The key, Rees explains, is to focus on the three areas of security hygiene, cloud posture and code security. Security hygiene, such as correctly configuring security and keeping systems up to date ties into cloud posture management and using best practices across cloud environments.
“Making sure that we haven’t left ports open, configuring RDS databases correctly and using best of breed practices to ensure our cloud security posture is optimised are critical to protecting networks and infrastructure.”
Taking this journey is not without challenges. In his experience, Rees says there are three major blockers to getting network and infrastructure security right. Resourcing is a major issue with security experts in short supply. And many organisations find it difficult to prioritise threats within their organisation in the context of attack chains threat actors can exploit.
“The first step in dealing with these challenges is visibility,” says Rees. “You must identify everything in your environment and then prioritise anything that is internet facing. Then look for the current CVEs and any zero days that could potentially impact those applications and services.”
Application security is also critical. With so many services using open source and shared packages, code security is critical. By looking at those threats and risks in the context of critical workloads and ‘crown jewel’ data, organisations can direct resources where they will have the most impact.
Understanding the environment and the risks it faces is the key to securing an organisation’s network and infrastructure. Combining a robust risk mitigation plan with having contextual visibility on key workloads, will enable organisations to prioritise their resources to protect their most important assets.