But taking a step beyond just individual systems, businesses need to also start examining how they can secure the entire network by using breach detection systems and techniques. In this era of the Internet of Everything, there could be hundreds of thousands to millions of internet-enabled devices connected to an organisation's network, each a potential vulnerability point in itself. Having this 360-degree visibility of known and unknown threats across the network is the essential first line of defence.
With this in mind, IT admins should set up processes that will enable them to identify, analyze, and address critical vulnerabilities affecting their network.
What has been experienced in 2014 will most likely continue in this new year — dormant vulnerabilities in widely-used platforms and protocols will be discovered and exploited. Given this, IT administrators will need to better prepare for them to ensure that the impact of such vulnerabilities will be minimal.
In essence, organisations should remember the following:
- Develop an emergency response to ensure that affected parts of the network are identified and defended
- Foster threat intelligence to understand the vulnerability, the ways it can be exploited, and the threats they pose to the company
- Enable patch management to make sure that the entire network is securedwhen the solution becomes available.
- Employ a breach detection strategy that closely examine all layers of the network and ensure strong security throughout. Within these efforts, it's important to include safeguards at the network perimeter, as well as on the server and application levels.
Overall, 2014 was a very challenging year for enterprises and security. But along with the challenges also came a lot of lessons, which means that some good still managed to come out of these incidents, such as improved authentication methods to enhance security and user privacy. Moving forward, companies should learn all they can by making sure to apply the lessons of 2014 to better deal with the upcoming threats of 2015.
Sign up for CIO Asia eNewsletters.