COMMENTARY: As stories about data breaches hit the headlines, data security remains front and center for every organization. Customers are increasingly meticulous about a company’s cybersecurity track record before sharing their personal information, while businesses and investors prioritize partnerships with companies that adhere to best security practices.
Today, network architectures have become more complex over time and attack surfaces keep sprawling, so traditional defenses aren’t really effective anymore. Malicious actors seek out entry points from every direction, including devices, applications, and even the team.
[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]
With the risks escalating, let’s look at five ways to improve the network’s data security with defenses and technologies that can proactively stand up to today’s sophisticated threats.
- Rethink access control: Access control has become the main barrier between malicious actors and data on the network, so teams need to make it robust enough to fend off intrusions. Introduced as a distinct technology back in 2018, zero trust network access (ZTNA) continues on as gold standard. It offers granular access control and limits user and device access to specific resources based on their job function and identity. This helps minimize the attack surface and the potential damage from compromised accounts. Today, ZTNA integrates threat intelligence, supports hybrid and multi-cloud environments, and uses AI-driven anomaly detection. ZTNA follows the logic of dynamic and contextual permissions that considers factors like device security posture, location, and typical time of access. If any of these conditions change, the team can adjust or revoke access.
- Raise the firewall game: Firewall security has been a long-standing component of the network protection arsenal, but all too often, IT teams use preset security rules to block or allow traffic based on IP addresses and ports. They aren’t much protection against advanced threats like zero-day exploits, polymorphic malware, and targeted attacks. Next-generation firewalls (NGFWs) go beyond basic filtering with deep packet inspection, intrusion prevention systems (IPS), and application-level traffic control. They use threat intelligence feeds, automate threat response, and analyze network traffic in real time. By inspecting data packets at the application layer, NGFWs ensure that only legitimate traffic enters the network.
- Take incident response seriously: A robust incident response plan can limit the fallout when a security incident does occur, and helps prevent them from happening at all. Following these predetermined protocols lets the organization swiftly detect, analyze, contain, eradicate, and recover from security incidents, which helps stop them from escalating and minimizes the data that attackers target. What’s more, a strong incident response framework ensures that security staff fully understand the scope, structure, and impact. By learning from an incident, they gain better insight into ways to strengthen defenses against future threats, refine the response strategies over time, and improve cyber resilience overall.
- Tap into network visibility: If the organization can’t see what’s going on across its networks, vulnerabilities and weaknesses can go unnoticed. Security information and event management (SIEM) products offer visibility by collecting data from numerous security devices and then aggregating it into a comprehensive security report that flags anomalies and potential incidents. Log analysis can give IT pros granular insight into security incidents, and as such, it helps quickly identify threats and address them by isolating network segments, blocking malicious payloads, and restricting user access if behavioral anomalies are spotted.
- Segment the network: Network segmentation lets the organization adjust security measures according to the importance and unique threat model of each area. This way, even if someone penetrates the perimeter, they can’t easily move to the most sensitive data and critical systems. It’s best to take this principle a step further and apply microsegmentation, which splits up the network into even smaller sub-segments. This approach leverages network virtualization to apply flexible, policy-driven security measures at the application level. With microsegmentation, access controls are more dynamic, and valuable assets can be isolated more effectively.
These five approaches to network data security have been around for quite some time, yet they continue to mature and stay relevant because of new AI features that align with emerging challenges. Ultimately, the security team needs to choose and deploy the right combination of these tools that correlate with industry-specific risks facing the organization.
David Balaban, owner, Privacy-PC
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.