By: Amr Alashaal, Regional Vice President – Middle East at A10 Networks

CSOs, CIOs and CISOs have never had it so tough. Alongside their traditional responsibilities of safeguarding the corporation’s physical assets on a day-to-day basis and preparing crisis management strategies, they must now face a cybersecurity threat environment that is growing exponentially.

Today, ransomware has become one of the greatest network security threats organisations have to deal with. Increasingly sophisticated and distributed at a high speed via the internet and private networks using military-grade encryption, today’s ransomware attacks demand multimillion-dollar ransoms.

But ransomware is only one of the many threats organisations have to deal with. There are also distributed denial of service (DDoS) attacks, Man in the Middle (MitM) attacks, social engineering, insider threats, malware, and advanced persistent threats (APTs) to contend with – and those are just the most common network security threats.

Below are seven strategies to make cybersecurity professionals’ organisations safer from the countless network security threats they’ll be facing in the near future:

1. Create a “Security-first” Culture

The problem for CSOs is that, while most employees have some basic knowledge of cybersecurity best practices, that is pretty much all they have. Without ongoing training, knowledge testing and awareness, staff behaviour is one of the biggest cybersecurity risks that organisations face.

A study by Accenture revealed that less than half of new employees receive cybersecurity training and regular updates throughout their career. Just four in ten respondents said insider threat programs were a high priority.

Organisations must look to create a robust and distributed digital immune system with a radical re-engineering of staff behaviour. Business leaders need to have accountability for cybersecurity; security teams need to collaborate with business leaders to create and implement  policies that will actually work, and those policies need to be routinely re-evaluated and tested.

2. Create a Continuous Security Education Program

A “security-first” culture requires that all members of the culture appreciate the concept of network security threats. For this to actually have an impact on culture, however, staff must be trained routinely to ensure that their knowledge is current.

3. Implement a Zero-Trust Model Throughout the Business

Well-trained staff and a monitored environment are crucial to the successful protection of any organisation but without a foundational Zero Trust environment, defences will be intrinsically weak.

The Zero Trust model is a strategy for preventing network security threats that all enterprises and governments should be using to defend their networks. It consists of four components:

• Network traffic control: Engineering networks to have micro-segments and micro-perimeters ensures that network traffic flow is restricted and limits the impact of overly broad user privileges and access. The goal is to allow only as much network access to services as is needed to get the job done. Anything beyond the minimum is a potential threat.
• Instrumentation: The ability to monitor network traffic in-depth along with comprehensive analytics and response automation provides fast and effective incident detection.
• Multi-vendor network integration: Real networks aren’t limited to a single vendor. Even if they could be, additional tools are still needed to provide the features that a single vendor won’t provide. The goal is to get all of the multi-vendor network components working together as seamlessly as possible to enable compliance and unified cybersecurity. This is a very difficult and complex project but keeping this strategic goal in mind as the network evolves will create a far more effective cybersecurity posture.
• Monitoring: Ensure comprehensive and centralised visibility into users, devices, data, the network, and workflows. This also includes visibility into all encrypted channels.

At its core, the Zero Trust model is based on not trusting anyone or anything on the company. This means that network access is never granted without the network knowing exactly who or what is gaining access.

4. Implement SSL Visibility – “Break and Inspect”

TLS/SSL inspection solutions that decrypt and analyse encrypted network traffic are key to ensuring policy compliance and privacy standards in the Zero Trust model.

Also called “break and inspect”, TLS/SSL inspection bolsters Zero Trust in three major ways. It allows for the detection and removal of malware payloads and suspicious network communications, prevents the exfiltration of sensitive data, and enables the Zero Trust model to do what it’s supposed to do – provide in-depth and rigorous protection for networks from internal and external threats.

For any organisation that hasn’t adopted a Zero Trust strategy combined with deep TLS/SSL traffic inspection, now is the time to start rethinking their cybersecurity posture.

5. Review and Test DDoS Defences Regularly

Routine testing against a checklist of expected configurations and performance standards, as well as random tests of security integrity, is crucial to detecting a distributed denial of service attack.

Network performance testing should be executed daily because a distributed denial of service attack isn’t always a full-bore assault. It can also be a low-volume attack designed to reduce, but not remove, connectivity.

6. Secure all Inbound and Outbound Network Traffic Using SSL/TLS Encryption

When users’ computers connect to resources over the internet, SSL/TLS creates a secure channel using encryption, authentication, and integrity verification. Encryption hides data communications from third parties trying to eavesdrop, while authentication ensures the parties exchanging information are who they claim to be. The combination ensures the data has not been compromised.

Any un-secured traffic must be constrained to specific secured network segments and monitored closely.

7. Establish and Test Disaster Recovery Plans

A key part of a disaster recovery plan involves backups. However, it is surprising how often restoring from backup systems in real-world situations doesn’t perform as expected. It’s important to know which digital assets are and are not included in backups and how long it will take to restore content.

CSOs should plan the order in which backed-up resources will be recovered, know what the start-up window will be, and test backups as a routine task with specific validation checks to ensure that a recovery is possible.

Staying Secure

The CSO’s job isn’t getting any easier, but solid planning using the seven strategies will help ensure an organisation’s digital safety. In addition, partnering with top-level enterprise cybersecurity vendors will ensure that critical security technology and best practices are central to the organisation’s cybersecurity strategy.

Solution Gives Remote Workers the Complete In-Office Connectivity Experience by Extending SD-WAN and SASE Security Services – All Through a Single Access Point, No Gateway Or Agent Required

Aruba, a Hewlett Packard Enterprise company (NYSE: HPE), today introduced its new EdgeConnect Microbranch solution, an industry-leading home office and small office networking solution for hybrid work environments that securely provides remote personnel all of the traditional services workers receive in-office via a single Wi-Fi access point (AP) – with no gateway, agent or additional hardware required at the remote site. With EdgeConnect Microbranch, IT departments can ensure the employee experience is consistent no matter where workers are located. EdgeConnect Microbranch enables this by delivering the full range of on-campus connectivity services to remote workers, accelerating troubleshooting, and maintaining corporate protections by seamlessly extending on-campus Zero Trust and Secure Access Services Edge (SASE) security frameworks to the home office/small office.

EdgeConnect Microbranch, part of Aruba ESP (Edge Services Platform), comprises APs and a new suite of SD-WAN services and builds upon Aruba’s legacy of delivering robust connectivity, security, and zero touch onboarding experiences to the home office through its popular Remote Access Points (RAPs).

SD-WAN has been added to large branches and campuses to deal with the increasing demands for higher application performance, reliability, and security. Now, as hybrid work becomes the norm, home and small remote offices need the automated, policy-based traffic management and cloud-based SASE security of Aruba SD-WAN to efficiently, robustly, and securely support a workforce that increasingly is remote. In fact, IDC estimates that 70% of G2000 organizations will deploy remote or hybrid-first work models, redefining work processes.^[1]

For organizations, the key to successfully enabling flexible and remote work is the ability to provide hybrid workers with the same access to tools, applications, and functionality at home as in the office. The new EdgeConnect Microbranch solution does this by adding new SD-WAN and SASE services to the connectivity, identity-based access control, management, and analytics capabilities users have enjoyed with Aruba RAPs – without the need for additional hardware on premises or agents on devices. Not needing additional hardware is an important factor in space-constrained home offices, small offices, and ad-hoc locations unstaffed by IT, such as retail pop-ups, kiosks, and mobile clinics.

EdgeConnect Microbranch services address common challenges associated with remote work, such as the need to guarantee the performance of latency-sensitive applications like unified communication and collaboration while ensuring proper security and contending with a higher density of bandwidth-hungry devices that may be on the network. New EdgeConnect Microbranch services such as policy-based routing, which enables IT to optimize how application traffic is routed to a destination, complement existing services such as Air Slice, which dynamically allocates AP radio resources to specific applications. For example, video conferencing call quality can be improved by prioritizing that traffic over video entertainment, and then routing the video conferencing traffic directly to the trusted SaaS vendor, bypassing an unnecessary trip to the data center for inspection.

“EdgeConnect Microbranch gives organizations a modern, scalable approach for enabling remote work and making the home office experience equivalent to being in-office,” said Larry Lunetta, VP of Solutions Portfolio Marketing at Aruba, a Hewlett Packard Enterprise company. “While some may believe that the only network service that can be extended to the home office AP/router is security – and even that requires an extra box, – EdgeConnect Microbranch demonstrates that, with a cloud-based approach, all critical network services can be extended to the home office solely through an access point.”

By extending the already robust RAP in-home experience with key SD-WAN features, EdgeConnect Microbranch is now an ideal solution for hybrid operations like contact centers, telehealth, and IT management, where uptime and security are critical.

EdgeConnect Microbranch is an industry-leading solution that improves upon typical approaches that require extensive hardware footprints within the small and home office to deliver SD-WAN and SASE services, as well as consumer-grade hardware and single-purpose appliances that lack robust manageability and functionality.

New SD-WAN Features and Benefits – No On-Premises Gateway Required

• Policy-based routing: Allows IT to deliver application performance and security based on automated rules to meet service-level agreements (SLAs) for specific applications, websites or types of users
• Tunnel and route orchestration: Optimizes network performance by orchestrating VPN tunnels on demand and automatically rerouting traffic to the network path that will provide the best performance
• SASE integration: Provides secure connectivity to cloud security services such as Zscaler directly via the AP and with Aruba Central providing orchestration of tunnels and unified configuration management
• Enhanced WAN visibility: Accelerates troubleshooting and improves the user experience by providing near real-time updates on WAN availability, utilization, and throughput by detecting latency, jitter, and other connectivity issues impacting the ISP that have traditionally been hidden from IT teams

These features build upon existing capabilities of Aruba’s remote access solutions, including:

• Traffic prioritization: Assigns radio resources to an application and dynamically changes assignments as application sessions begin or end
• Massive scalability: Supports zero touch deployment and consolidated management for tens of thousands of remote workers via Aruba Central’s cloud-based services and AOS 10
• Improved uptime and reliability: Provides for LTE backup via a USB interface should the home or small office lose ISP connectivity

“As remote working continues to expand, IT departments are facing an increasing number of challenges, such as ensuring visible, easily managed, and highly secure access for all workers – no matter where they are located – to business-critical applications and data,” said Chris DePuy, technology analyst at 650 Group. “Being able to extend Zero Trust and SASE security frameworks to home and remote offices will play an important role as enterprises move their hybrid work initiatives forward.”

Pricing and Availability

The Aruba EdgeConnect Microbranch solution is available in Early Access and will be generally available in March 2022 for any AP running ArubaOS 10 with a Foundation AP License (including qualified APs customers already own and manage in Central.) Aruba Central Foundation Licenses are available for $145 per AP. AP pricing varies per model and starts at $575.00 US for the Aruba 303H Series.

---

[1]IDC, IDC FutureScape: Worldwide Future of Work Predictions, November 2021