kromkrathog - stock.adobe.com
People often ask me: What are the latest and greatest network security trends? It's a great question. And, now, with a new year upon us, it's time to address the top trends for 2020.
Network security, though, has so many parts that it can be difficult to pinpoint where you should start. Should the focus be on security technologies or network security personnel? Or do you fine-tune business processes? Actually, it's all the above.
The important thing is to figure out what's necessary for your specific environment and business needs. Regardless of what vendors, analysts and consultants will tell you, network security is not a one-size-fits-all business function.
Cloud security, ransomware remain top issues
So, what should you expect in 2020? Advanced malware, such as ransomware, will continue as a top challenge. Criminal hackers will continue to exploit ransomware, using it as a tactic that has, thus far, yielded huge dividends.
Cloud security is another important issue. Companies will reap additional value by enhancing the security of cloud environments in Azure, AWS and Google Cloud Platform.
In the interest of continuing my pragmatic approach to network security, I prefer to recommend steps that provide the most value. Here is what you really need to be doing in 2020:
- Use existing technologies, such as network firewalls, Active Directory, and endpoint logging and alerting capabilities, to your advantage. Most such technologies are, at best, underutilized. This step alone can make your network security program twice as good. If you end up not having the expertise to monitor and respond to security incidents, outsource that function.
- Foster relationships between security and the rest of the business. This will help ensure security is not seen as an IT-centric function -- because it's not.
- Continue to educate your users because they are a good first, and often last, line of defense. But don't put all your eggs in that one "human firewall" basket like so many people do. Users will continue being users. It's up to you to set them up for success and keep them out of trouble by preventing them from making security decisions on your behalf wherever possible.
- Stop doing things that aren't working for you. You'll likely find that certain security technologies in which you've invested are no longer serving your business well. The same goes for security processes and workflows. Just because you've made the investments doesn't mean you should keep going down the same paths.
But perhaps most importantly: Don't hop on a network security trends bandwagon that could take you down the wrong road. You must understand, precisely, what your business needs to enhance its network security efforts. This should not come in the form of someone selling you on a product or service. Nor should it come in the form of a best practice -- in other words, what everyone else is doing.
Instead, perform a risk assessment to determine where your gaps are located. Rather than simply listen to what the FBI believes are the top security threats or what the big analyst groups think are the top products in each security category, find out for yourself what matters and what's needed in the context of your business.
A proper security assessment will highlight where you must focus your efforts. Unless and until you perform this exercise, you'll be spending a lot of time, money and effort on things that may or may not matter. Given how tight IT and security budgets can be, why take that chance?
If you don't have the resources or expertise to do this in-house, bring in an outside expert. Today, and on a periodic and consistent basis, this will be one of the best things that you ever do to improve network security.
Make network security easier
Billionaire investor Warren Buffett once said, "There seems to be some perverse human characteristic that likes to make easy things difficult." With every new year comes more "solutions" for our network security challenges. I'm not convinced that we need more solutions. What is needed the most are the following:
- more information on what's at risk and how it's affecting the business;
- a documented security plan that all the right people agree on and are working to support; and
- discipline, day in and day out, to see it all through.
Network security is often made to be complicated, but it doesn't have to be. If you look at the network security trends that offer the most opportunity, they're almost always the same. Whether it's the year 2000 or the year 2020, it's always the few trivial security flaws that create tons of gaping holes and business risks. I suspect things will be no different in 2040.
If you do anything going into the new year, you should focus on mastering the basics. It won't be easy -- the basics never are. Still, they're the weaknesses that get exploited the most.
If you commit to doing what you know needs to be done, when it needs to be done, whether you feel like it or not, you will have reached a new level of security resilience that few have attained. That level of success will last you for decades.