The network security landscape changes on a daily basis and it is a challenge to know how threats and cyber defenses will evolve every month and year. We have to continually make predictions about the network security changes that are on the horizon. If we don’t, we’ll inevitably fall behind as new threats exploit hidden vulnerabilities and important trends in designing a secure network infrastructure go unaddressed.
The following 4 predictions won’t just emerge in the second half of 2019—they’ll challenge your network security strategy in the months and years following 2019 as well.
Traditionally, network security tools and strategies have focused more on known-exploits than zero-day threats. Common advice implied that emerging threats would mostly be variations of existing exploits and that the best way to defend against them was signature-based antivirus and other tools.
In recent years, it’s become clear that signature-based tools aren’t enough when building a secure network infrastructure. But now, it’s also becoming clearer that zero-day exploits are the new norm for attackers.
It’s easier than ever for attackers to build their own zero-day exploits and they become more sophisticated every day. The only way to protect the network is to proactively address vulnerabilities—and that starts with creating a pervasive network visibility layer that can be used to prevent, identify and mitigate damage from zero-day exploits..
One of the most effective ways for attackers to break through a network security infrastructure is to use Living off the Land (LotL) tools. These tools take advantage of pre-installed system tools to launch attacks that are hidden within expected and known-good network traffic.
These types of threats are increasingly seen in fileless malware attacks. Using tools like PowerShell and Windows Management Instrumentation to launch malware within volatile memory makes attackers more elusive to traditional and legacy network security tools.
Network metadata is one of the primary resources for defending against these types of attacks. Managing your metadata with protocols like IPFIX and NetFlow will ensure you gain the most actionable insights from traffic analysis. Even when attackers are living off the land, metadata should reveal malicious activity..
Attackers are coming up with new and innovative threats at a rate that network security practices can’t keep up with. It’s a never-ending battle that has resulted in a network security skills gap. Figuring out how to secure network infrastructure is increasingly difficult and your company needs to find ways to overcome this skills gap.
Part of the problem is that network security pros are expected to become experts at defending against every new threat that emerges, while the attacker only needs to be an expert on the methods of choice. All too often, you’re reacting to news from security researchers and sink time into learning everything about a specific exploit that quickly becomes outdated.
By focusing on network visibility and monitoring, you can develop expertise in fundamentals that will apply to today’s threats and the ones on the horizon. Network visibility tools won’t necessarily eliminate the skills gap. However, creating the proper visibility layer will give security pros an advantage when dealing with threats that may be outside of their expertise.
A couple of years ago, we saw the impact that the Internet of Things (IoT) can have on network security. When an attack on the mirai botnet successfully took down many of the world’s largest websites, the vulnerabilities of a sprawling network infrastructure became evident.
The Internet of Things is making the network perimeter more blurry. You have hundreds, thousands, or even millions of endpoints across your network now and defending them all against attacks requires more than just traditional perimeter defenses.
Until network security infrastructures address these IoT challenges, attackers will continue exploiting weak, newly-connected endpoints. And for many security pros, the biggest challenge is maintaining visibility on the traffic off all connected devices across the network. Putting the right network traffic visibility solutions in place can solve these problems.
The four predictions listed here will become clearer as we advance in 2019. However, you’ll notice that none of them are specific to individual threats, exploits, and techniques. Rather, our predictions look beyond 2019 and provide insight into what it will take to change network security infrastructure to withstand an ever-changing threat landscape.
Building a pervasive network visibility layer with the right combination of network packet brokers (NPBs), bypass switches, and network taps will give you the control and insights necessary to maximize network security—regardless of the threats you face. Without NPBs and other visibility tools, you risk having blind spots that can be exploited easily by attackers.
If you want to learn more about ensuring network security this year and in the future, download our free eBook, Top Security Tools and Tactics to Protect Your Network in 2019.