Five Actionable Ways to Secure Your Network

Reposted from the
original article
Ironwood Cyber
Ironwood Cyber
April 27, 2023

In today's digital age, securing your network is crucial for protecting your sensitive information and reputation from cyber-attackers.

Cyber threats are becoming more sophisticated and attackers are constantly developing new techniques to bypass security measures.

In fact, Cybercrime Magazine predicts that cybercrime will cost the world $8 trillion USD in 2023, meaning that if cybercrime were measured as a country, it would be the world’s third largest economy after the U.S. and China.

In the face of these challenges, we’re sharing five actionable tips to secure your network as part of a robust plan to protect your business from cyber-attacks.

1. Harden your system and network configurations

System hardening is the process of configuring a server or workstation to reduce its attack surface. It may involve activities such as:

  • Disabling or removing unnecessary services, ports, and protocols
  • Disabling insecure operating system functionality Implementing access controls to enforce “least privilege” access (i.e., users should only have access to the data and functionality they need for their job role)
  • Utilizing a capable endpoint security product (i.e., Endpoint Detection and Response) and host-based firewalls
  • Defining a system configuration standard, encompassing all of the above, to ensure consistency across all systems in the organization

However, there are many subtleties that require expertise and time investment many organizations don’t have at their disposal. Therefore, it’s advisable to use an existing well-recognized system hardening standard, such as the freely available Center for Internet Security (CIS) benchmarks. Microsoft has provided the Security Compliance Toolkit (SCT) to assist in implementing CIS benchmarks on their products, and projects such as OpenSCAP provide similar tooling for Linux systems.

Network hardening is the process of securing network infrastructure, implementing hardened network device configurations, firewall rules, and intrusion detection systems.

Disrupted operations: Poor security measures in supply chains can increase the risk of disruptions in operations, such as unavailability of critical components, delays in deliveries, or reduced production capacity, leading to increased costs and customer dissatisfaction.

To harden your system and network configurations, you first need to have a clear understanding and documentation of your network infrastructure. Identify all devices connected to your network, including servers, workstations, IoT (Internet of Things) devices, routers, and switches.

Next, you must understand all of your critical data flows (i.e., which port and protocol communication paths between systems are essential for your network to support the organization). Then, leverage the enforcement capabilities at your disposal (e.g., network and host-based firewalls) or acquire additional products, as needed, to ensure unnecessary communication paths are restricted in order to reduce your network’s attack surface. Particular attention must be placed on external hardening (i.e., from the Internet) but internal network hardening is crucial for limiting the effects of malware/ransomware or attackers who have gained internal network access.

2. Assess your system and network regularly for vulnerabilities

Assessing vulnerabilities involves utilizing processes and tools to continuously identify weaknesses so they can be quickly remediated. Networks are not static entities and new risks are introduced regularly, as system changes occur often to support business needs and new vulnerabilities are discovered regularly, after which they are quickly leveraged by attackers. Therefore, assessment and remediation must be an ongoing priority.

Effective and continuous vulnerability management can be time consuming and costly, requiring cybersecurity expertise many smaller organizations cannot afford and burdening the often stretched-thin cybersecurity resources of larger organizations. Ironwood Cyber helps organizations solve this problem with Ironwood CyberRX, providing a fully managed product that leverages an innovative approach to automation to make it much more affordable than previously possible.

3. Enforce strong passwords and require MFA for sensitive or privileged accounts

Weak passwords that can be cracked or guessed provide a straightforward entry point for attackers to gain unauthorized access to your network and sensitive data. Enforcing strong password policies is important and can include:

  • Requiring complexity, a combination of upper and lower case letters, numbers, and special characters
  • Requiring a minimum password length
  • Enforcing expiration, requiring a password change after a specified period of time
  • Permitting only a specified number of attempts before the account is locked from usage either indefinitely or for a specified period of time

Recent guidance from NIST (National Institute of Standards and Technology) has recommended that organizations favor password length over complexity and expiration, easing the burden on users and encouraging better selection of strong passwords. A 14-character passphrase, consisting of a combination of words can be easier to remember while still very challenging for an attacker to defeat.

Multi-factor Authentication (MFA) adds an extra layer of security by requiring users to provide two or more authentication factors (e.g., password and a one-time use token value) to log in to sensitive or privileged accounts. All remote access (e.g., Virtual Private Networking (VPN)), sensitive external websites (e.g., banking, cloud infrastructure management platforms) should require MFA.

4. Regularly patch software

Software patches are updates designed to fix functionality issues, resolve new vulnerabilities, or add new features to software applications. Hackers often exploit these vulnerabilities to gain unauthorized access to networks or steal sensitive data.

You can help prevent cyber-attacks and protect your network from potential threats by regularly patching all of your software, firmware, and plugins. Timeliness is key to reducing your exposure to attacks. Some larger organizations need to thoroughly test patches to ensure they don’t negatively impact their operations, unfortunately increasing their time to patch. However, many smaller organizations have found that they can operate safely by enabling automatic updates on their operating systems and applications, benefitting their security posture with faster vulnerability mitigation.

5. Provide users with security awareness training

Finally, providing users with security awareness training is essential in securing your network. Users are often the weakest link in cybersecurity, as they can unintentionally enable a compromise by clicking on phishing email links or downloading malware-infected files.

Security awareness training helps users understand the importance of cybersecurity and how to identify and respond to potential threats. Common topics include password security, safe browsing practices, email security, and how to detect and respond to phishing attacks. By regularly providing security awareness training and conducting testing of user awareness (e.g., phishing testing), users have the resources they need to stay up-to-date on the latest threats and best practices.

Secure Your Supply Chain with Ironwood Cyber

Securing your network against cyber threats takes everyday work. Founded by two former Lockheed Martin Fellows, Ironwood Cyber is a team of seasoned cybersecurity experts with decades of experience protecting our nation's most critical defense weapon systems. Our Ironwood Cyber Rx™ product can help your organization establish an affordable and complete cybersecurity program, including processes, user awareness training/testing, and continuous assessment of your cybersecurity health.

Have Any Questions?

Learn about your cybersecurity posture and how you can reduce your risk today
Let's Talk