5 Ways Enterprises Inadvertently Compromise Their Network Security
Is your organization carelessly leaving its networks vulnerable to invasion? Check out these five common oversights to see if your resources are at risk.
Strong network security is essential, yet creating and maintaining bulletproof network protection remains an elusive goal for many enterprises.
Ensuring that every potential gap is securely sealed continues to be a challenge for organizations of all types and sizes. Even more distressing is the fact that many enterprises fail to take some basic actions that would keep their networks safe from infiltration and attack. Here's a look at the five leading ways enterprises inadvertently compromise their network security, and how to fix those oversights.
1. Relying on a single solution to patch a vulnerability
It's not enough to simply identify a gap and then buy a hardware or software widget to fill the breach. "Security pros must expect to encounter events that threaten network security and implement continuous testing accordingly to ensure the device in question will not be compromised," said Kurt Alaybeyoglu, a senior associate at The Chertoff Group, a global security advisory firm. "Otherwise, an organization will waste its precious, often scant, security budget," he added.
Not only is it a waste of money to purchase a widget without deploying controls assurance testing, but there's also the waste created by evaluating and installing the widget and conducting employee training, Alaybeyoglu explained. Even worse is that without continuous testing and management, IT is providing a false sense of security to enterprise directors by claiming that the organization is now protected against the tactics, techniques, and procedures (TTPs) that the investment was meant to address.
2. Using a VPN as a security band-aid
Read the full article on Network Computing.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024