TECH TALK
“Almost all phishing attacks that led to a breach were followed with some form of malware.”
8. Segment Networks. Group assets, including application and resource servers, into logical units that do not trust one another. Segmenting the network reduces the ‘line of sight’ access attackers must have into your internal systems. For access that needs to cross the trust zones, require a secured jump server with multi-factor authentication, adaptive access authorisation, and session monitoring.
9. Consider Micro-Segmentation. Where possible, go beyond standard network segmentation. Segment based on context of the user, role, application and data being requested.
10. Implement Threat and Advanced Behaviour Monitoring. Somewhere along the line, accounts have access to stuff. Implement base security event monitoring and advanced threat detection (including user behaviour monitoring) to more accurately and quickly detect compromised account activity as well as insider privilege misuse and abuse.
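
An added example, not part of the original article: one way to check recommendation 8 against flow logs is to flag every connection that crosses trust zones without being an approved service flow or an admin session from the jump server. The zone ranges, jump host address, allow-list, admin ports and sample flows are all assumed, constructed values.

```python
import ipaddress

# Hypothetical trust zones, jump host and policy (assumed values, not from the article).
ZONES = {
    "app": ipaddress.ip_network("10.10.0.0/24"),
    "db": ipaddress.ip_network("10.20.0.0/24"),
    "mgmt": ipaddress.ip_network("10.30.0.0/24"),
}
JUMP_HOST = "10.30.0.5"
ALLOWED = {("app", "db", 5432)}  # approved (src_zone, dst_zone, dst_port) flows
ADMIN_PORTS = {22, 3389}


def zone_of(ip):
    """Return the name of the zone containing ip, or None if it is in no zone."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), None)


def audit(flows):
    """Return (flow, reason) for each flow that violates the zone policy."""
    findings = []
    for src, dst, port in flows:
        sz, dz = zone_of(src), zone_of(dst)
        if dz is None or sz == dz:
            continue  # not entering a protected zone, or intra-zone traffic
        if (sz, dz, port) in ALLOWED or (src == JUMP_HOST and port in ADMIN_PORTS):
            continue  # approved service flow, or admin session via the jump server
        if sz is None:
            reason = "source outside all zones"
        elif port in ADMIN_PORTS:
            reason = "admin access bypassing jump server"
        else:
            reason = "unapproved cross-zone flow"
        findings.append(((src, dst, port), reason))
    return findings


# Constructed sample flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.10.0.7", "10.20.0.3", 5432),   # approved app -> db
    ("10.30.0.5", "10.20.0.3", 22),     # admin via jump server
    ("10.10.0.7", "10.20.0.3", 22),     # SSH from app tier straight to db
    ("10.10.0.9", "10.30.0.5", 445),    # SMB from app into mgmt
    ("192.0.2.44", "10.20.0.3", 5432),  # source in no zone
]

if __name__ == "__main__":
    print(*audit(SAMPLE_FLOWS), sep="\n")
```

Findings of the "admin access bypassing jump server" kind are the ones to route to the monitoring described in recommendation 10, since they show an account moving between zones outside the monitored path.
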
In today’s sophisticated threat landscape, one product will certainly not provide the protection enterprises need against all stages of an attack. And while some new and innovative solutions will help protect against or detect the initial infection, they are not guaranteed to stop 100% of malicious activity. In fact, it’s not a matter of if, but a matter of when you will be successfully breached.
You still need to do the basics – patching, firewalls, endpoint AV, threat detection and so on. But you also need to protect against, and monitor for, lateral movement. So, assuming the bad guys get in, following the 10 recommendations can help you stop them, slow them down, and/or detect them faster in order to mitigate the impact.
www.intelligentcio.com