5 things you can do RIGHT NOW to reduce your attack surface

Your attack surface is a constantly evolving beast. Here are five tips to help your IT security team manage it and keep it from becoming a violent, 800 lb gorilla.

Every day, there are news stories highlighting critical data breaches at some of the largest companies in the world. Corporate financial data lost. Customer contact and payment information lost. Employee identity information lost. With every newly announced breach, organizations of all sizes are often left scratching their heads and nervously looking for ways that they can avoid being the next headline.

The knee-jerk reaction is often to purchase a new (costly) point solution promising to be the remedy to all your security woes. But according to Verizon’s 2015 Data Breach report, 97% of all breaches could be avoided through standard controls. Chances are, that “silver bullet solution” (or rather, dozens of them) is already in your network arsenal. The challenge is understanding how they’re impacting your overall security and how best to combine them into the Megazord of network security.

So as a way to inspire some action and relieve some of the stress of not knowing where to start, here are five things your IT security organization can do to get a handle on your risk and attack surface.

Visualize Your Network Infrastructure

Getting a picture (yes, a literal picture) of your entire network is imperative to understanding the links between various devices and components. These links help to further understand the interdependencies between firewalls, IPSs, routers, load balancers, etc., and the flow of information around your network. To this newfound comprehension of your network you can add things like security policies, threats, and vulnerabilities to see your entire attack surface. Using modeling and simulation technology creates an environment to run proactive security tasks like attack simulation, change assessments, and access path analysis.

Leverage Threat Intelligence

There are constant sources of new information available to you about vulnerabilities and threats. But understanding which threats and vulnerabilities are dangerous or exploitable on your network is the difference between data and intelligence. Applying information from sources like scanners and vulnerability databases to your network model can help more accurately show you where risk lies, how it can impact your network and business, and what controls you have in place to mitigate it.

Improve Response Time

Using the network model and threat intelligence can lead to faster response times. While the majority of IT organizations would like to have their networks scanned and compared against the newest threats and vulnerabilities at least weekly, most perform scans monthly, if not less often. Considering that half of all vulnerabilities are exploited within the first four weeks after their discovery, that’s too long to be unaware of risks on your network. Assessing and utilizing all of the information you have, as quickly as you can, means you can respond to your most critical threats faster and more effectively.

Continuously Monitor Changes

Enterprise-scale networks can change daily — even hourly. And making sure that every change is secure and compliant is a huge challenge. Understanding the changes made in your infrastructure’s greater context helps you maintain a continuous view of your attack surface even as it evolves. To minimize the risk of planned changes and keep your attack surface small, utilize the network model to see if the change would allow unintended access, expose vulnerabilities, or violate policy. A standardized workflow will support continuous monitoring, and it will ensure each change is assessed for risk before implementation and is executed as intended.
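To make the change assessment described above concrete, here is an added example (not code from the original post or from any Skybox product) that overlays scanner findings on a small network model and reports which findings a proposed firewall rule would newly expose. The zones, hosts, ports and `FINDING-00x` identifiers are constructed, and treating an exposed vulnerable host as a stepping stone into its zone is a simplifying assumption of the model.

```python
from collections import deque

# Constructed sample model: every name, port and finding ID below is made up.
HOSTS = {
    "web01": {"zone": "dmz", "vulns": {443: "FINDING-001"}},
    "app01": {"zone": "app", "vulns": {8080: "FINDING-002"}},
    "db01": {"zone": "data", "vulns": {5432: "FINDING-003"}},
    "hr01": {"zone": "data", "vulns": {}},
}
# Firewall policy as (source zone, destination zone, port) allow rules.
RULES = {
    ("internet", "dmz", 443),
    ("dmz", "app", 8080),
    ("app", "data", 1433),
}

def exposed_findings(rules, hosts, origin="internet"):
    """Map each finding reachable from `origin` to its access path.

    Assumption: a zone is treated as reachable for further hops once a
    vulnerable service in it is reachable from an already reachable zone.
    """
    paths = {origin: [origin]}          # zone -> access path that reaches it
    queue = deque([origin])
    found = {}
    while queue:
        zone = queue.popleft()
        for src, dst, port in sorted(rules):
            if src != zone:
                continue
            for name, host in sorted(hosts.items()):
                finding = host["vulns"].get(port)
                if host["zone"] != dst or finding is None:
                    continue            # rule does not reach a vulnerable service
                hop = paths[zone] + [f"{name}:{port}"]
                found.setdefault(finding, hop)
                if dst not in paths:
                    paths[dst] = hop
                    queue.append(dst)
    return found

def assess_change(rules, hosts, proposed_rule):
    """Return findings (with access paths) exposed only if the rule is added."""
    before = exposed_findings(rules, hosts)
    after = exposed_findings(rules | {proposed_rule}, hosts)
    return {f: p for f, p in after.items() if f not in before}

if __name__ == "__main__":
    for finding, path in assess_change(RULES, HOSTS, ("app", "data", 5432)).items():
        print(f"change exposes {finding} via {' -> '.join(path)}")
```

Running the same check on every proposed rule before implementation is the kind of standardized pre-change step the workflow above calls for: an empty result means the change opens no new path to a known finding in this model.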

Automate Tedious Security Operations Tasks

Make it easier for your staff to concentrate on the most critical risks by automating some of the more tedious, time-intensive tasks in firewall management and vulnerability and threat management. Being able to schedule some of the tasks we’ve listed here will continually keep your network more secure, and free up much-needed resources for higher-value projects.

These five initiatives can immediately help you reduce your attack surface, get more oomph out of your existing security investments, and lay a foundation for a mature, lasting security program.



Originally published at blog.skyboxsecurity.com on December 6, 2015.