SUBSCRIBE NOW
IN THIS ISSUE
PIPELINE RESOURCES

Closing the Top Five Cybersecurity Gaps

ORDER REPRINTS DOWNLOAD COMMENT DISCUSS SHARE


Organizations need to be able to bring together the solutions that are best suited to defend their on-prem infrastructure.
quickly deploy updates and fixes without having to worry about breaking their networks. Customers upgrading from a more secure FortiOS 6.2 to 7.0 found themselves suddenly vulnerable. In this very typical scenario, the only solution is to be able to upgrade or downgrade at any given time. But teams need to ask, “What is the proven best practice for upgrading or downgrading without breaking things?”

Inability to deploy the right security tools

With the hybrid infrastructure model, the public cloud portion is the easiest part to secure because there are well-known use cases and associated security tools for Big Tech cloud platforms including AWS, Azure, and GCP. For example, most cloud security products can be turned on from their respective app store; from there, they assess virtual public cloud instances, toggle the appropriate switches, and insert themselves into the traffic path.

However, imagine you want to manage your on-prem infrastructure, such as in a hospital or manufacturing plant, in the same way. Consider the digital services stack of:

  1. Connectivity: MPLS/DIA/LTE CPE ISP WAN devices, HA Pair of WAN routers, NGFWs, SD-WAN devices, Wireless APs, PoE Switches
  2. Out-of-band infrastructure: Serial consoles, UPS systems, smart PDUs, and machines to run observability agents, network taps, and jump boxes
  3. IT equipment: PCs and servers (for example, an ESXi server to host local applications)
  4. IoT/OT devices: Digital signage, smart speakers, sensors, security cameras, building automation systems, printers, PCs, smart conference rooms, and VoIP systems
  5. IoMD devices: Pill dispensers, imaging equipment, robots, and safety sensors

In Figure 1, you can see only a fraction of available security players and products required for a defense-in-depth strategy.


Figure 1: Too many cybersecurity products from too many vendors.
Courtesy of: The Momentum Cyberscape 2021
(Click to Enlarge)

The challenge for IT is figuring out how to deploy a mix of products that work best for them, and that also provide cybersecurity coverage for different locations across the infrastructure. The common approach is to use the one or two solutions that are easiest to deploy. In addition, some organizations address the remaining gaps by purchasing costly cyber insurance.

Organizations need to be able to bring together the solutions that are best suited to defend their on-prem infrastructure. These include third-party applications and solutions of their choice.

Unnecessary exposure of management portals

During the pandemic, IT teams needed remote access to equipment. This caused many to expose management ports—even of remote desktops—directly to the Internet. Adversaries were able to find this equipment and attack using the exploits described earlier (stealing credentials, breaking through unpatched systems). Had teams deployed private out-of-band infrastructure, these systems would have remained protected while still allowing them remote access.

Human error

There are two categories of human error: slips or lapses, which are small mistakes (as in typos and configuration errors) that occur when performing familiar tasks or activities, and decisions (like delaying updates or patches), which occur from a lack of



FEATURED SPONSOR:

Latest Updates





Subscribe to our YouTube Channel