Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
According to the 2023 Global State of Cybersecurity Study by Infoblox, the average organisation in Singapore experiences 54 security incidents per day. It concludes that there’s growing frustration with current tools to handle such a volume, especially when these same organisations struggle to instil sound corporate cyber hygiene practices.
Within the networking and security functions, Jeff Castillo, senior regional director for Southeast Asia at Infoblox, acknowledges the existence of gaps. He laments that despite decades of Internet use, there remains a lack of domain name service (DNS) security.
"Basically, DNS has largely been ignored from a traditional security standpoint," he opined. According to the 2023 Global State of Cybersecurity Study (Singapore), only 37% of organisations in Singapore use DNS security for network access on-premises.
Three common outcomes when gaps persist
Castillo was quick to point out that gaps leave organisations vulnerable to cyberattacks. They also mean an organisation may not be able to immediately identify the appropriate response to a threat. In addition, the organisation is likely unprepared for the wider range of attacks to which it is vulnerable.
Plugging the gap
Castillo says that, beyond implementing DNS security, an organisation may want to consider uniting its networking and security operations, as it cannot be sure whether an attack will originate by way of networking or security systems.
"You have to unite the assets or enable the two organisations to collaborate together. In addition, it is very important to ensure the talent pool receives appropriate training," he continued. "If you don’t have the right training, at the end of the day, it will be chaos for you – as you are not aware of how to go about resolving the issues during and following an attack."
Securing the cloud
Castillo says it is important to have multi-cloud visibility. "If you have multi-cloud visibility, you can then apply core services like DNS and DHCP to unify the different applications and services that may reside in the various platforms the organisation has signed on to," he continued.
Steps to narrow the gap
For Castillo, it is important that the network and security teams collaborate to address any gaps that may arise on either side. He argues that by doing so, the practice may make the organisation's architecture, including the network, more 'bulletproof'.
"We cannot say it's 100% bulletproof, but if we do these collaborations correctly, we can address each problem that we will encounter on both networking and security sides," he concluded.
Click on the PodChat player to hear Castillo as he elaborates on how organisations can address the gaps in network and security systems.
- Where are the gaps in network and security systems?
- Why do these gaps persist? What is contributing to this practice?
- Name three common outcomes when these gaps remain in place.
- Name three best practices for fixing these gaps.
- Given that most organisations will likely have a heterogeneous environment, including cloud and on-premise as well as edge, what is your recommendation for a more holistic approach to minimising such gaps in the future?