What strategies should CISOs employ to maintain robust network security?

Network security has become a top priority for businesses in the digital age, as cyberthreats continue to grow in complexity and scale. As organisations expand their digital footprint, they face an increasing risk of attacks on sensitive data and critical infrastructure, and remote work and IoT devices widen the attack surface further. Companies must stay ahead by adopting robust cybersecurity measures. Below, industry experts set out the practices that help organisations protect their networks from emerging threats.

Alain Penel, Vice President, Middle East, Turkey & CIS, Fortinet

Today’s CISOs carry great responsibility. With the constantly evolving threat landscape, coupled with strict regulatory demands, CISOs are compelled to maintain a delicate balance between safeguarding data integrity and confidentiality and adhering to governance requirements. This places them under significant pressure to implement foolproof security measures.

Today’s CISOs must not only be proactive and strategic but also adaptive and resilient, constantly evolving their security strategies to counter new threats while ensuring compliance and fostering a culture of security throughout the organisation. As the stakes get higher and attacks get more sophisticated, CISOs must embrace several strategies to keep networks secure and cybercriminals at bay. 

Zero Trust is a must: You’ve probably heard the term a lot lately, and for good reason. The idea here is simple but powerful: trust no one, verify everything. In a world where threats can come from inside or outside your organisation, CISOs must ensure that every user and device trying to access your network is authenticated and authorised.

Tools like Multi-Factor Authentication (MFA) and Identity and Access Management (IAM) are key components in making this approach work effectively.

AI is your new best friend: AI and ML have become game-changers in cybersecurity and CISOs must consider integrating AI and ML into their security operations to stay ahead of the curve. These technologies can sift through massive amounts of data at lightning speed, spotting patterns and anomalies that could indicate a cyberthreat.

By leveraging AI and ML, CISOs can catch potential issues before they become full-blown crises, ultimately saving time, resources and maybe even your company’s reputation.

Build cybersecurity resilience: One strategy that is often overlooked is building a cybersecurity resilience strategy. This goes beyond traditional cybersecurity measures to ensure that organisations not only prevent attacks but also quickly recover when incidents occur.

Key components of resilience include establishing a culture of security across the organisation, effective risk management and having robust incident response and recovery plans in place. Communication is also crucial, both internally and externally, during and after an incident.

Opt for a unified security fabric: This approach brings all your security solutions under one roof, making it easier to see what’s happening across your entire network – from the cloud to the edge. By doing this, CISOs can ensure that security measures are consistent and that nothing slips through the cracks. It also simplifies management, which is always a bonus.

Don’t forget about endpoint security: With a hybrid work culture, employees are scattered across offices and remote locations. Securing endpoints like laptops, smartphones and IoT devices has never been more critical than it is today. CISOs must invest in advanced endpoint protection solutions that can detect and respond to threats in real time. Regular patch management and keeping software up to date are some of the easiest ways to close security gaps.

Benjamin Corll, SANS Certified Instructor Candidate and CISO-in-Residence, Zscaler

A CISO should always be alert and proactive in threat detection. Staying curious means maintaining an awareness of new trends, technologies and threat actors. Falling behind in these areas allows adversaries to gain an advantage, so a constant state of learning is essential.

A key aspect of network security is also ensuring executive leadership is on board. CISOs should assess whether executives are leading by example or inadvertently undermining security policies, and work with them to create a supportive environment.

On a more technical note, routine risk assessments are crucial to identifying vulnerabilities within the network. SANS offers comprehensive training on this, including newer courses focused on advanced risk management strategies. Partnering with audit teams for internal and external assessments can uncover unseen risks, while privacy impact assessments (PIAs) ensure that sensitive information is properly handled and protected.

To avoid complacency, CISOs must consistently test their systems. Red and blue team exercises, technical tabletop exercises and external/internal penetration tests can expose weaknesses that would otherwise remain hidden. These exercises help teams stay sharp, agile and ready to respond to real-world threats.

Regular SWOT analyses should be conducted to assess the strengths, weaknesses, opportunities and threats in the architecture. Modern solutions such as Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) challenge the traditional on-premises and cloud architecture. CISOs should not be afraid to overhaul legacy systems to stay ahead of attackers.

By managing assets strategically, attack surfaces can be minimised. This includes retiring outdated apps and protocols like SSL/TLSv1.0 and leveraging tactics like hiding IP addresses. Modern solutions move beyond VPNs to create a more secure environment, making it harder for attackers to infiltrate networks.

Finding, mapping, classifying and authorising access to data is essential. CISOs should implement robust data retention policies that ensure data is deleted when no longer needed, thus reducing risk. Regardless of whether data resides on-premises, in the cloud, or with third-party partners, its location and access must always be tracked.

Moreover, continuous review of security programs ensures that as new threats arise, the system evolves. Conducting regular gap analysis helps identify what’s missing and matures the security posture progressively.

Staying abreast of evolving regulations and performing PEST (Political, Economic, Social and Technological) analysis helps mitigate potential impacts on the business. Whether facing GDPR, HIPAA, or other emerging regulations, understanding compliance is essential to maintaining operations globally.

Additionally, hiring a diverse workforce that includes people of varying ages, cultures, genders and expertise brings fresh perspectives. It’s also important to communicate with other teams in the organisation. Collaboration with other business units helps avoid Shadow IT and ensures new technology is incorporated securely. By engaging with different departments, CISOs can identify potential impacts on security early and create solutions before issues arise.

Periodically reassessing the chosen security framework ensures alignment with best practices. Whether aligning with NIST CSF v2, ISO 27001, or others, it’s vital to ensure the framework still fits the organisation’s needs. Partnering with audit for CMMI assessments can provide further guidance in this area.
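As an added illustration of the point above about retiring SSL and TLS 1.0 (example code written for this article, not code from SANS, Zscaler or the contributor), the script below builds two server-side TLS configurations with Python’s standard `ssl` module: one that still accepts whatever the OpenSSL build allows, and one restricted to TLS 1.2 and above with forward-secret cipher suites. The `audit_tls_context` function reports the settings a reviewer would want retired. It assumes CPython 3.10+ linked against OpenSSL 1.1.1 or 3.x; the contexts are constructed for illustration and no certificate is loaded.

```python
"""Audit a TLS listener's configuration for settings that should be retired.

Added for this article (not code from SANS, Zscaler or the contributor).
Assumes CPython 3.10+ on OpenSSL 1.1.1 or 3.x. No certificate is loaded here;
a real listener would call ctx.load_cert_chain() before serving.
"""
import ssl

# The floor this audit enforces. TLS 1.0 and 1.1 were deprecated by RFC 8996.
MIN_VERSION = ssl.TLSVersion.TLSv1_2


def legacy_server_context() -> ssl.SSLContext:
    """The kind of listener the article says to retire (constructed example).

    MINIMUM_SUPPORTED means "whatever this OpenSSL build still speaks", which
    on most builds includes TLS 1.0 and 1.1; kRSA adds suites with no forward
    secrecy, so one leaked private key decrypts every recorded session.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    ctx.set_ciphers("ECDHE+AESGCM:kRSA+AESGCM:!aNULL")
    return ctx


def hardened_server_context() -> ssl.SSLContext:
    """TLS 1.2+ only, forward-secret AEAD suites, no renegotiation."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = MIN_VERSION
    ctx.options |= ssl.OP_NO_RENEGOTIATION | ssl.OP_CIPHER_SERVER_PREFERENCE
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!MD5")
    return ctx


def audit_tls_context(ctx: ssl.SSLContext) -> list[str]:
    """Return policy findings for a context; an empty list means it passes."""
    findings = []
    # TLSVersion is an IntEnum, so version ordering compares numerically.
    if ctx.minimum_version < MIN_VERSION:
        findings.append(
            f"minimum_version is {ctx.minimum_version.name}; raise it to TLSv1_2"
        )
    suites = ctx.get_ciphers()  # one dict per enabled suite, incl. TLS 1.3 ones
    no_pfs = sorted(c["name"] for c in suites if c["kea"] == "kx-rsa")
    if no_pfs:
        findings.append("suites without forward secrecy enabled: " + ", ".join(no_pfs))
    weak = sorted(c["name"] for c in suites if c["strength_bits"] < 128)
    if weak:
        findings.append("suites under 128-bit strength enabled: " + ", ".join(weak))
    if not ctx.options & ssl.OP_NO_RENEGOTIATION:
        findings.append("renegotiation not disabled (set OP_NO_RENEGOTIATION)")
    return findings


if __name__ == "__main__":
    for label, ctx in (("legacy", legacy_server_context()),
                       ("hardened", hardened_server_context())):
        print(f"{label}: {audit_tls_context(ctx) or ['OK']}")
```

The same audit can be pointed at any `SSLContext` an application builds, which makes it a cheap check to drop into a test suite so a listener cannot quietly regress to TLS 1.0 or RSA key exchange.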

Richard Sorosina, Chief Technical Security Officer EMEA and APAC, Qualys

The foundation of modern network security has become Zero Trust. For external real-world entities – customers, partners, investors and regulators – to have trust in you, you cannot fully trust any device, user or service. Any process could be the beginning of the end for normal operations. Any file could be a prelude to a ransomware or other attack.

Today, ‘Zero Trust Architecture’ (ZTA), as a phrase, is a statement of intent that underpins every successful security strategy. To fulfil the promise, enterprises must think granularly about every external and internal resource and network. Knowing about every cog in its digital machine, the organisation can assess each process in context to determine whether it is what it claims to be.

The problem lies in gaining that all-encompassing visibility. Many of the region’s businesses, and many of its government agencies, have moved their IT infrastructures into the cloud. That means their security is reliant on the digital hygiene of third parties. For the enterprise that is trying to protect itself against attack, it is endlessly frustrating to be unaware of the digital assets running in its service provider’s data centres.

The first step in fulfilling a ZTA strategy is to overcome this visibility issue, which is made all the more difficult by another trend – that of the merger between the physical and digital worlds. The Internet of Things (IoT) has spawned many interesting use cases in the GCC. And the Industrial Internet of Things (IIoT) plays a huge role in efforts to scale up capacity through programs like the UAE’s Operation 300bn.

The operational technology (OT) assets that are common in these use cases can often, in fact, not be found. When we cannot ascertain what is connected to what in our networks, then we cannot determine the complex interdependencies that would allow us to visualise vulnerabilities and potential attack vectors. And while network segmentation can help with protection, it ends up adding another layer of obscurity when we try to compile comprehensive, accurate asset inventories.

Our strategy to overcome all this complexity should be to focus on the processes and people around security. Zero Trust requires extensive knowledge of the IT environment to work. That knowledge may not reside in a single department or role, instead being distributed among silos. Collaboration is a matter of culture, not technology. Collaboration over time can bring unity.

People in the enterprise must trust one another to effectively implement Zero Trust of digital assets, so that external parties will trust the organisation. For example, knowledge from two different departments that trust each other may reveal two enterprise-owned servers in the same data centre. Zero Trust principles will dictate that communication between them be encrypted. External parties will trust the enterprise because of the lack of dramatic cyber-incidents. Hence, Zero Trust of digital assets begets an ecosystem of trust among humans. 

Morey Haber, Chief Security Advisor, BeyondTrust

There is a secret recipe for maintaining robust network security within an organisation. Every organisation is different, and the network architecture within each one varies, based on office locations, remote workers, dependency on cloud services, data centres, operational technology, the type of data being processed and employees, contractors and even visitors that may need access.

Consequently, the network in every modern business should be designed for business efficiency but also to minimise risk and ensure modern attack vectors can be mitigated. With all of these variables, some fundamental concepts should be included in every design.

Network segmentation divides a network into smaller, isolated segments as far down as possible, including individual assets and hosts, to limit the spread of cyberthreats. This strategy ensures that even if attackers breach one area, they can’t easily access others via lateral movement.

By separating systems, critical data and applications, organisations reduce attack surfaces and enhance control over traffic. It also improves compliance by enforcing security policies across individual segments, minimising the risk of widespread damage during a breach and paths to privilege escalation.

The Principle of Least Privilege (PoLP) is a cybersecurity best practice that limits user access to only what is necessary for their role via privileges, permissions, rights and entitlements, reducing potential risks.

By granting the least amount of access, organisations reduce the attack surface and prevent misuse of credentials with too many privileges. This approach helps mitigate insider threats, lateral movement and external attacks by ensuring that users, applications and systems operate with minimal permissions, thus safeguarding critical data and systems. It’s essential for strengthening organisational network security to limit any one user’s network access.

Enterprise password management centralises and secures access credentials, ensuring that only authorised users can manage and retrieve them. Enforcing best practices like password rotation, complexity requirements, session management and audit trails mitigates the risk of breaches stemming from weak or reused passwords.

In addition, this technology provides automated discovery, vaulting and policy enforcement for privileged credentials, reducing exposure and streamlining compliance. This is essential for securing access to sensitive data and systems, providing visibility and control for enterprises connected to the network.

Vulnerability, configuration and patch management form a critical triad in maintaining network security hygiene. Vulnerability management identifies and assesses security weaknesses; configuration management ensures systems are set up and maintained according to best practices to avoid exposures; and patch management addresses those vulnerabilities by applying updates to software, reducing the attack surface. Together, they mitigate risks, prevent unauthorised access and ensure compliance in a dynamic threat landscape, safeguarding from cyberthreats that leverage networks for nefarious access.

If you consider these disciplines and have worked in the cybersecurity industry for more than a few years, you quickly realise no one ingredient makes network security strategy a complete recipe.

In fact, the best practices for robust network security are a combination of disciplines and multiple ingredients working together. And, if you integrate them with other concepts like behavioural monitoring, you quickly realise we are talking about Zero Trust as the most important security best practice for robust network security since it is a well-baked combination of all of them.

Therefore, it is this security professional’s opinion that there is a recipe for robust network security, and it is a combination of mature disciplines, bundled together, operating and integrated efficiently, that every organisation should strive to achieve. It is called Zero Trust.
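The segmentation and lateral-movement argument above can be checked rather than asserted. The following example, written for this article (not BeyondTrust code), models a default-deny policy whose rules name hosts or segments, and walks the permitted flows to compute the blast radius of a compromised host, i.e. which other hosts an attacker can reach and how many successive compromises it takes. The inventory (`HOSTS`), the rule sets (`SEGMENTED`, `FLAT`) and the host names are constructed for illustration; in practice they would be exported from the firewall or SDN policy.

```python
"""Default-deny segmentation policy with a lateral-movement (blast-radius) walk.

Added for this article (not BeyondTrust code). The inventory and rules below
are constructed for illustration; real ones come from firewall/SDN policy.
"""
from __future__ import annotations

from collections import deque
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    """One explicit allow. src/dst name a host id, a segment, or 'any'."""
    src: str
    dst: str
    port: Optional[int] = None  # None permits every port


# Constructed inventory: host id -> segment it sits in.
HOSTS = {
    "ws-101": "users", "ws-102": "users",
    "web-1": "dmz",
    "app-1": "app",
    "db-1": "data",
    "jump-1": "admin",
    "plc-7": "ot",
}

# Segmented down to individual hosts where it matters. Everything not listed
# is dropped, including traffic between two workstations in the same segment.
SEGMENTED = (
    Rule("users", "web-1", 443),   # staff reach the web tier only
    Rule("web-1", "app-1", 8443),  # web tier reaches the app tier only
    Rule("app-1", "db-1", 5432),   # only the app tier talks to the database
    Rule("jump-1", "app", 22),     # admin access only from the jump host
    Rule("jump-1", "data", 22),
    Rule("jump-1", "ot", 22),
)

# What an unsegmented LAN amounts to: anything may talk to anything.
FLAT = (Rule("any", "any"),)


def _matches(selector: str, host: str, hosts: dict[str, str]) -> bool:
    return selector in ("any", host, hosts[host])


def is_allowed(src: str, dst: str, port: int, rules, hosts=HOSTS) -> bool:
    """Default deny: the flow passes only if some rule explicitly permits it."""
    return any(
        _matches(r.src, src, hosts)
        and _matches(r.dst, dst, hosts)
        and (r.port is None or r.port == port)
        for r in rules
    )


def can_connect(src: str, dst: str, rules, hosts=HOSTS) -> bool:
    """True if src may open a connection to dst on at least one port."""
    return any(_matches(r.src, src, hosts) and _matches(r.dst, dst, hosts)
               for r in rules)


def blast_radius(start: str, rules, hosts=HOSTS) -> dict[str, int]:
    """Hosts an attacker holding `start` can reach by lateral movement.

    Breadth-first walk over permitted flows; the value is the number of
    successive compromises needed. Deliberately assumes the worst case: each
    hop yields full control of the host reached.
    """
    hops = {start: 0}
    queue = deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in hosts:
            if nxt not in hops and can_connect(cur, nxt, rules, hosts):
                hops[nxt] = hops[cur] + 1
                queue.append(nxt)
    del hops[start]
    return hops


if __name__ == "__main__":
    print("flat     :", blast_radius("ws-101", FLAT))
    print("segmented:", blast_radius("ws-101", SEGMENTED))
```

Run against a compromised workstation, the flat policy puts every host one hop away, while the segmented policy leaves only the web tier directly reachable and puts the database three compromises deep; the OT controller and the jump host are not reachable at all. Replacing the constructed tables with an export of the real rule base turns this into a quick regression check that a change request has not opened a new path to the crown jewels.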

Intelligent CISO