What is zero vulnerability infrastructure – and is it achievable?
The global cost of cyber crime exceeded $600 billion in 2018 – up from $445 billion in 2014. And, in almost every business breach, companies reported loss or damage to internal, customer, or employee information. More than half of breaches resulted in damages of at least $500 000.
Gareth Trollip, Country Manager for South Africa at KHIPU Networks, says the holy grail for those responsible for securing company networks is to achieve zero vulnerability infrastructure: a network that is completely secure against both outside and insider threats. But is this really possible?
With eight new threats emerging every second, businesses are under siege – and seemingly fighting a losing battle. Even enterprises like British Airways, FIFA, Toyota and Facebook have suffered major breaches – proof that all businesses, no matter their size, struggle to deal with the changing threat environment.
Ignorance is not bliss
“It would be naïve for businesses to think they are immune to cyber crime,” says Trollip, especially with the move to the cloud and the growth of new technologies linked to the Internet of things.
“Part of the challenge for organisations is that many don’t have a good grasp of what data they hold and where it’s located. Nor do they have a robust overview of their network and all the devices and users that might need to access it. This makes it harder to protect the network and the data. It also makes it hard to notice if a breach has occurred – potentially leaving an open door for an attack.”
He says regulation like the General Data Protection Regulation (GDPR) and the Protection of Personal Information Act (POPIA) force organisations to be more aware of their data, which means they’re more likely to notice if it’s compromised.
“Knowing what data you hold, where it resides, and who can access it, is crucial to protecting your company network against breaches. It’s also the first step to understanding your weak points and vulnerabilities and helps form the backbone of a cyber security strategy that’s unique to your business and your requirements. There is no one-size-fits-all approach to security, and there never will be. But achieving a zero vulnerability infrastructure is possible, with the right strategy and operations in place.”
Knowledge meets visibility
When businesses know where their security gaps are, they’re better placed to address them and to fend off data theft, sophisticated attacks such as DDoS, and ransomware.
“Your network suite never operates in isolation. It’s an ecosystem of users, endpoints, infrastructure, perimeter security and application usage, with each element informing the next,” says Trollip.
But, with so many different cyber security solutions on the market, it’s nearly impossible to understand what each one addresses, what it doesn’t, and how it can protect the network.
“The cyber marketplace is crowded, complex and confusing,” says Trollip. “Your security partner should be able to advise on solutions and provide training and ongoing professional and managed services to help you get closer to a zero vulnerability infrastructure.
“Ideally, they should start with a vulnerability assessment to identify and prioritise risks, and put teams in place to address them. They should have access to the latest threat intelligence to help prevent attacks. Most importantly, they should provide complete visibility into your network, including what applications are being used, by who, and what traffic is entering and leaving the network.”
Above all else, achieving zero vulnerability infrastructure has to be a strategic concern if it’s to be successful, says Trollip. “It starts with identifying your weaknesses, throwing everything you can at fixing them, and then committing to constantly monitoring and improving your security posture. It’s not an overnight fix. It has to be a long-term strategy.”