Have you identified your weakest link? Recognizing this is crucial before you can strengthen your defenses. Think of it like an assembly line: as a product is manufactured, various steps are required for assembly, and sometimes you may need to work backwards, disassembling the product. This same methodology can be applied to protect your weakest link.
Working backwards from the firewall, what’s the path? Typically, the firewall connects to a switch, which could either be the core of your network or a physically segmented switch that eventually connects to the core. Once at the core, what comes next? It likely involves some routing that leads to a virtual local area network (VLAN). On that VLAN, what other devices, applications, databases, or virtual machines connect to the weakest link? What does the patching schedule for these devices look like, and are there regular scans? While vulnerability scanners like Tenable Nessus can assist, they are not the ultimate solution for protection.
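The backwards walk described above, as an added example that is not part of the original article: it traces the hops from the firewall to an asset, lists what shares the asset's VLAN, and flags neighbours whose patching or scanning is overdue. The inventory, device names, dates and the 30-day threshold are constructed assumptions.

```python
from collections import deque
from datetime import date

# Constructed sample topology; every name and date here is hypothetical.
LINKS = {
    "fw-edge": ["sw-dmz"],
    "sw-dmz": ["core-1"],
    "core-1": ["vlan-30", "vlan-40"],
    "vlan-30": ["hr-db", "hr-app", "badge-iot"],
    "vlan-40": ["build-vm"],
}
# device -> (last patched, last vulnerability scan); None means never
DEVICES = {
    "hr-db": (date(2024, 5, 20), date(2024, 6, 1)),
    "hr-app": (date(2024, 1, 10), date(2024, 6, 1)),
    "badge-iot": (None, None),
    "build-vm": (date(2024, 5, 28), date(2024, 5, 30)),
}

def path_to(start, target):
    """Breadth-first search: the hops between the firewall and the asset."""
    queue, seen = deque([[start]]), {start}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for nxt in LINKS.get(path[-1], []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None  # asset is not reachable in the recorded topology

def vlan_peers(target):
    """Every device that shares a VLAN with the asset."""
    return sorted(d for vlan, members in LINKS.items()
                  if vlan.startswith("vlan-") and target in members
                  for d in members if d != target)

def overdue(device, today, max_age_days=30):
    """Which checks (patch, scan) are missing or older than max_age_days."""
    stamps = dict(zip(("patch", "scan"), DEVICES[device]))
    return [k for k, d in stamps.items()
            if d is None or (today - d).days > max_age_days]

def review(target, today, firewall="fw-edge"):
    """Path to the asset plus each VLAN neighbour that fails a check."""
    peers = {p: overdue(p, today) for p in vlan_peers(target)}
    return path_to(firewall, target), {p: i for p, i in peers.items() if i}
```

Calling `review("hr-db", date(2024, 6, 15))` returns the hop list and the neighbours that need attention; a device with no patch or scan record at all is treated as overdue rather than skipped.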
Consider the traffic from these devices: is the data encrypted or unencrypted? Sometimes you need to think like a hacker and consider how you would access this item. As mentioned earlier in this series, you might want to use a security partner to perform a penetration test. For high-value assets, KNZ Solutions recommends retaining a partner and conducting tests quarterly, focusing on different components or assets associated with the high-value asset. You might be surprised by how a cybersecurity firm accesses the asset. Some surprising methods ethical hackers have used include:
- Server DRAC (controller) cards
- Remote User’s VPN from BYOD
- USB charger
- Database vulnerability that housed MFA data
- IoT Devices with unpatchable vulnerabilities
- Legacy operating systems with unpatchable devices unknown on the network
- Creative social engineering/phishing campaigns
As you consider how to secure devices by working backwards, remember a firewall is not always the solution. Firewalls can limit device access, but they can’t protect against everything, especially if the hacker has privileged access to the firewall. Here are additional tips to protect network assets:
- Identify assets and their corporate value
- Understand how critical assets and their dependencies operate on the network
- Use secure settings on devices with continuous validation
- Encrypt data or data in transit where possible
- Monitor changes on devices or applications
- Use Privileged Access Management platforms and monitor them
Ensure you have a team focusing on monitoring these items. A common question is about AI. Consider AI a tool to assist you. Not all AI-enabled solutions are created equal; some may start strong but fail to adapt to recent threats. If an AI-enabled solution is desired, ask the partner/vendor to provide proof of value/concept with clearly defined goals and objectives. Without these, your organization may not achieve the desired outcome.
As we close this series, returning to the original question, “In firewalls we trust?” the answer should be no. Adopting a zero trust mindset is essential. A firewall, with appropriate software and tools integrated into other solutions, can help build a robust security strategy, but as shown, many pieces, components, and the human element are required for a sound strategy.
About the Author:
Chris Price is an experienced executive deeply committed to nurturing and empowering team members to realize their fullest potential. My passion lies in technology thought leadership, and my career has been dedicated to providing guidance and leadership in aligning technology with business objectives. In recent years, we’ve observed a significant evolution in technology, particularly in digital solutions, which have the potential to differentiate businesses and confer a competitive advantage in their respective industries. In this new era of digital business, organizations must embrace transformation. Within my team, we possess the expertise to guide organizations through the disruptions brought by digital innovations, offering innovative ideas and state-of-the-art technology to navigate these changes effectively.