If you’re interested in the types of network security threats and how to combat them, you’re in the right spot. We’ll discuss a tried and true method to create a solid foundation for your network security.
What’s keeping you up at night? Is it hackers, insider threats, malware, or phishing? Maybe there are a few new types of network security threats that you haven’t heard of yet? You never know!
Even the most secure organization may have pitfalls that allow something to slip through the cracks. Consider Equifax and THE most talked about the breach of 2017 that could have been prevented so easily with a proper patching policy.
The fact of the matter is that the bad guys are constantly trying to catch us. You can train your employees all you want, but there’s still a chance that an employee may not be able to identify an extremely sophisticated phishing email. Phishing email creators are getting GOOD! These guys take anything from celebrity news, worldwide sporting events like the Olympics or the World Cup, or something as personal as W-2 information around tax time to make sure you will click on their email. Even the CEO of KnowBe4 recently received a phishing attack that seemed to be from his accountant.
Related: The Financial Industry’s Biggest Threat
Types of Network Security Threats
There are typically four types of network security threats, and any particular threat may be a combination of the following:
Unstructured Threats
Unstructured threats often involve unfocused assaults on one or more network systems, often by individuals with limited or developing skills. The systems being attacked and infected are probably unknown to the perpetrator. These attacks are often the result of people with limited integrity and too much time on their hands. Malicious intent might or might not exist, but there is always indifference to the resulting damage caused to others.
Structured Threats
Structured threats are more focused on by one or more individuals with higher-level skills actively working to compromise a system. The targeted system could have been detected through some random search process, or it might have been selected specifically. The attackers are typically knowledgeable about network designs, security, access procedures, and hacking tools, and they can create scripts or applications to further their objectives. Structured attacks are more likely to be motivated by greed, politics, international terrorism, and government-sponsored attacks.
Internal Threats
Internal threats originate from individuals who have or have had authorized access to the network. This could be a disgruntled employee, an opportunistic employee, or an unhappy past employee whose access is still active. In the case of a past network employee, even if their account is gone, they could be using a compromised account or one they set up before leaving for just this purpose. Many surveys and studies show that internal attacks can be significant in both the number and the size of any losses.
External Threats
External threats are threats from individuals outside the organization with no authorized access to the systems. In trying to categorize a specific threat, the result could be a combination of two or more threats. The attack might be structured from an external source, but a serious crime might have one or more compromised employees on the inside actively furthering the endeavor.
(Source)
There are many different examples of each type of network security threat. According to computerweekly.com, the top 5 corporate network security threats include:
- Viruses
- Virus Back Doors
- Application-specific hacks
- Phishing
- Blended Attacks
You have to be prepared at all times, for anything. Trust no one, don’t click on any emails. If you want your data to be completely secure, just toss it in a volcano. Don’t forget that you are also building a successful business while protecting your network security. There MIGHT be a better way…
Calculate Your Network Security Threat Risk
Is your company secure? How can you tell? It isn’t easy, but there is a way – you just need something to compare yourself to.
Back in 1901, the US Government gave us something called NIST, the National Institute of Standards and Technology.
NIST focuses on recommending standards for various industries and other government agencies in a wide variety of areas. It is a non-regulatory agency of the United States Department of Commerce. From cybersecurity to mammograms and advanced manufacturing, innumerable technologies, services, and products rely upon NIST expertise, measurement, and standards. https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology
More recently, NIST introduced the NIST Cybersecurity Framework. This voluntary Framework consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Cybersecurity Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security.
According to the NIST Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1, The Cybersecurity Framework is designed to reduce risk by improving the management of cybersecurity risk to organizational objectives. Ideally, organizations using the Framework will be able to measure and assign values to their risk along with the cost and benefits of steps taken to reduce risk to acceptable levels. The better an organization can measure its risk, costs, and benefits of cybersecurity strategies and steps, the more rational, effective, and valuable its cybersecurity approach and investments will be.
This is awesome news! But, this is also a lot of information and a lot to understand. Never fear, we have security consulting experts that can easily walk you through the process (as well as PCI, HIPAA, or any other necessary framework). For the sake of this article, and to understand where to begin, let’s start at the beginning according to NIST:
To manage cybersecurity risks, a clear understanding of the organization’s business drivers and security considerations specific to its use of technology is required. Because each organization’s risks, priorities, and systems are unique, the tools and methods used to achieve the outcomes described by the Framework will vary.
The Framework Core is a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors. The Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the implementation/operations level. The Framework Core consists of five concurrent and continuous Functions—Identify, Protect, Detect, Respond, and Recover. When considered together, these Functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk. The Framework Core then identifies underlying key Categories and Subcategories – which are discrete outcomes – for each Function and matches them with example Informative References such as existing standards, guidelines, and practices for each Subcategory.
Related: The CEO’s Guide to Penetration Testing
Start from the Beginning: IDENTIFY
Identify – Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities.
The activities in the Identify Function are foundational for the effective use of the Framework. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enable an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs. Examples of outcome Categories within this Function include Asset Management; Business Environment; Governance; Risk Assessment; and Risk Management Strategy.
Identify
- Asset Management: The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to organizational objectives and the organization’s risk strategy
- Business Environment: The organization’s mission, objectives, stakeholders, and activities are understood and prioritized; this information is used to inform cybersecurity roles, responsibilities, and risk management decisions.
- Governance: The policies, procedures, and processes to manage and monitor the organization’s regulatory, legal, risk, environmental, and operational requirements are understood and inform the management of cybersecurity risk.
- Risk Assessment: The organization understands the cybersecurity risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals.
- Risk Management Strategy: The organization’s priorities, constraints, risk tolerances, and assumptions are established and used to support operational risk decisions.
- Supply Chain Risk Management: The organization’s priorities, constraints, risk tolerances, and assumptions are established and used to support risk decisions associated with managing supply chain risk. The organization has established and implemented the processes to identify, assess and manage supply chain risks.
Know Where You Are
We can help you begin at the beginning. We have two services that could potentially help with most of the items on the list. Our Real-time vulnerability management service will help you identify all the assets on your network. Many companies may not know all the devices on their networks, this is very common! Our risk assessment service can help you assess where you are, identify any gaps, and even help you with ongoing compliance requirements.
Ready to get started? Let’s go! Schedule time with us today to discuss your specific needs.