Network Security Management
From the onset, it is important to note that for data to flow from one computer to another, such computers should be interconnected in what is referred to as a network. With such interconnectedness comes the risk of data interception and it is for this reason that network security is considered crucial.
In the recent past, the number of corporations that have experienced attacks on their computing resources has been on the increase. Outages in this case have ranged from denial-of-service attacks to viruses to other more sophisticated forms of attack. It is important to note that these attacks, which are rarely publicly acknowledged by the affected companies, are coming at a time when organizations are increasingly becoming dependent on information systems and networks to conduct their business. Today, business communications between an entity and the various groups of stakeholders, including but not limited to employees and customers, are primarily carried out through networks. Any disruption on these networks could be potentially catastrophic for individual firms.
It should also be noted that organizations stand to lose should an individual gain access to their networks and computer systems. In that regard, therefore, network security management is of great relevance to companies that wish to safeguard their most important and critical resources. A discussion highlighting the key benefits of network security management is, therefore, both relevant and timely.
The Importance of Network Security Management
During the past few years, the internet has evolved greatly. Computer networks have also grown in terms of size, complexity, and relevance. Essentially, it is these changes that have triggered the emergence of a new breed of cyber criminals and other malicious individuals who are constantly on the lookout for ways of compromising vulnerable networks. This text largely concerns itself with the importance of network security. In so doing, it will amongst other things define network security and briefly discuss how network security management has evolved over time. The text will also address the implementation of an effective network security management strategy.
What is Network Security?
For purposes of this discussion, it is the definition that Richardson and Thies (2012) give to a network that will be utilized. According to the authors, a network is essentially “an interconnection of two or more computers with some means of sending messages back and forth” (Richardson and Thies, 2012, p. 389). Given the role they play in the facilitation of remote access, networks tend to be particularly vulnerable to remote attacks and acts of sabotage. Network security comprises all those initiatives and measures embraced by an entity in a bid to protect its network. Such initiatives and measures essentially protect not only the integrity but also the reliability and usability of data. Network security management, therefore, seeks to offer protection to the network from both misuse and unauthorized access.
Network Security Management and its Relevance
Before addressing the importance of network security management, it would be prudent to first highlight how network security management has evolved over time. The move to embrace effective network security strategies has been fueled by the increasing instances of theft and misuse of sensitive organizational data over networks. Indeed, many companies have in the past lost millions (mostly in silence) to hackers. It should, however, be noted that although interest in network security seems to have spiked within the last decade, specific incidents in the early 90s may have convinced businesses that there was indeed a need for a comprehensive network security policy.
The 1986 Computer Fraud and Abuse Act was created after it emerged that crimes relating to the use of computers to commit fraud and other related activities were on the increase (Senft, Gallegos, and Davis, 2012). However, as Senft, Gallegos, and Davis (2012, p. 11) further point out, despite being created to “protect against attacks in a network environment,” the act did have several weaknesses and faults. It is important to note that it is at around this time that authorities were beginning to come to terms with the theft of crucial information from military computers. Some of those who were either accused or convicted of computer-related crime during this period include, but are not limited to, Robert Morris and Ian Murphy. Later on, just as the world was coming to terms with how costly network security failures could become — primarily following the release of the Morris Worm — the U.S. Government orchestrated the formation of a response team that was essentially charged with responding to computer risk incidents. The said team was christened CERT — Computer Emergency Response Team (Wang and Ledley, 2012). It should, however, be noted that regardless of the measures that were being put in place, network security concerns continued to increase in the 1990s, after the internet became widely available to members of the public.
As I have already pointed out elsewhere in this text, it was during this decade that businesses began to adopt far-reaching measures aimed at protecting their computing infrastructure from network attacks. In the recent past, many network security breaches have cost organizations billions of dollars. Some of the said breaches are never reported in the media.
In the words of Canavan (2001), “network and computer security is crucial to the financial health of every organisation.” This according to the author is more so the case given the increasing number of network security incidents being reported in the media on a daily basis not only across the nation but across the world as well. Indeed, within the past two decades, network security incidents have significantly increased, thus effectively validating the central claim made in this text: that the relevance of network security management cannot be overstated. From the onset, it should be noted that network security management comes in handy in the prevention or aversion of losses arising from misuse of data. In the absence of adequate network security management approaches, data manipulation, destruction and breaches of confidentiality would most likely be common occurrences.
In the year 2000, a report on network attacks pointed out that companies would lose close to $1.6 trillion in hacking and other network attack incidents. According to Canavan (2001), whichever way one looks at it, this “is a staggering amount of money with a direct effect on companies’ return on investment or assets.” It is important to note that the said report was released approximately thirteen years ago. Today, companies continue to lose billions of dollars to credit card thieves, hackers, and other individuals (or entities) of shadowy character who take advantage of system and network vulnerabilities to steal customer private information, stall organizational operations, or spy on competitors. As a matter of fact, and as I will demonstrate shortly by making use of real life examples and occurrences, network security breaches can be particularly expensive. In addition to suffering financial losses, businesses that fall victim to network security breaches could have their operations severely disrupted. The said business disruptions are more likely than not to negatively affect productivity. By extension, this could have a negative impact on the bottom-line.
One classic example of a business that has been there, and lived to tell the story, is Sony. Sony has been one of the dominant players in the electronics marketplace for decades. According to Richardson and Thies (2012, p. 366), in what came to be popularly referred to as the Sony PlayStation Network Attack back in the year 2011, attackers made use of what in the authors’ own words was a “potentially known vulnerability” to access the records of scores of the Sony PlayStation Network customers. As the authors further point out, “at stake were the records of possibly 70 million users’ credit card information…” (Richardson and Thies, 2012, p. 366). Thanks to the said attack, Sony was forced to suspend the Network for a total of 24 days. Further, as a result of the entire debacle, Sony is said to have lost millions (and possibly billions) of dollars. Sony according to Tassi (2011) acknowledged a total loss of $170 million. It is, however, important to note that some analysts have speculated that this figure could have been much higher — perhaps close to a billion dollars. In this particular case, the effective management of network security could have saved Sony from the financial mess it found itself in thanks to the PS Network outage.
Still on financial losses, it is important to note that failure to have in place an effective approach to network security management could expose a company to legal suits. Indeed, it is important to note that many businesses have in the past been sued for failure to embrace effective security measures. Court action in this case could come from the affected customers or the relevant regulatory authorities. For instance, following the Sony PS Network attack, authorities in the UK deemed it fit to fine the technology company a total of $396,100 for what it termed a preventable breach. According to the BBC (2013), in fining the company, UK’s Information Commissioner’s Office (ICO) maintained that the hacking incident “could have been prevented” (BBC, 2013). This, again, goes a long way to demonstrate just how important it is to have in place appropriate and effective network security management initiatives and measures. As I have already pointed out, customers could also sue a company for negligence. This is particularly the case should their private or personal information be compromised as a result of an avoidable network attack. For instance, to use the case of Sony again, the company according to Malcom (2012) ended up having a total of 55 lawsuits (in the U.S. alone!) as a result of the PlayStation Network hacking debacle. Again, it is not difficult to see why effective network security management plays a very important role in the protection of client data, and hence in the reduction of the risk of legal action resulting from the exposure or theft of such data.
It should also be noted that in some instances, a business could have its reputation severely soiled as a result of just a single instance of security breach. As I have already pointed out elsewhere in this text, most businesses choose not to report cases of network attacks. The motivation for this kind of behavior could come from a variety of quarters. For instance, according to Finkle and Hosenball (2014), a number of retailers experienced security breaches on their networks last year alone. Some of the well-known retailers who fell victim to the said attacks include Neiman Marcus and Target Corp. However, as Finkle and Hosenball (2014) point out, and rightly so, these were not the only business enterprises to be on the receiving end. In the words of Finkle and Hosenball (2014), the two companies “are not the only U.S. retailers whose networks were breached over the holiday shopping season last year…” One of the reasons why most businesses fail to publicly acknowledge network attack instances is fear of possible backlash from various stakeholders. As Finkle and Hosenball (2014) further point out, most business entities fear that the said disclosures could in some way hurt their business operations. For instance, as the authors observe, Target points out that the disclosure of the 2013 network attack prompted numerous inquiries from investors and journalists. It is, however, important to note that going forward, companies will be compelled to report all instances of data breach. According to Finkle and Hosenball (2014), quite a number of states now require that entities that have experienced network attacks leading to the exposure of client information should contact the affected customers. A single instance of network breach could seriously erode the confidence customers have in the affected company.
It therefore beats logic as to why a business would choose not to embrace sound network security management practices in the face of constant threats and possible losses.
In an increasingly competitive business environment, it has become necessary for businesses to secure that information which they deem proprietary. Such information could relate to supplier deals, customer sourcing methods, future approaches to competition, new service and product releases, etc. Should organizations fail to have in place sufficient and effective network management policies, competitors can easily get hold of such information and use it against the affected businesses. In a bid to get rid of their rivals in the marketplace, some competitors could also try to sabotage the networks of their competitors — real or perceived. Given that quite a number of businesses conduct their businesses online, thanks to ecommerce, acts of sabotage on networks could spell doom for the affected businesses. Network security management significantly reduces the risk of such theatrics.
Today, computer networks have become rather commonplace as businesses position themselves to benefit from the convenience such networks provide; i.e. with regard to file sharing and communication. It is therefore likely that as business entities further strive for full automation, networking will become an imperative. If they are to continue being in operation, businesses must take the issue of network security management seriously. This is particularly the case given that organizations are increasingly making use of the internet and intranets to transfer volumes of sensitive information. Networks making use of, or utilizing internet links, are seen as being far more cost effective in comparison to dedicated leased lines.
Implementation of an Effective Network Security Management Strategy
Based on the discussion above, with regard to the relevance of network security management, it would be prudent to highlight (in brief) the best approach businesses could take in the implementation of sound network security management strategies. To begin with, all network activities and components must in this case be secured through the application of various policies relating to authorization and authentication. Network activity must also in this case be constantly monitored and the relevant safeguards erected. The relevance of tests to assess network security policy vulnerabilities cannot also be overstated. Assessments could in this case be conducted in a number of ways. For instance, the organization could invite a trusted entity to attack its network. Such entities/individuals are commonly referred to as white hat attackers. Such an attacker according to Wang and Ledley (2012) “breaks security for non-malicious reasons.” A white hat attacker could therefore be distinguished from a black hat attacker, in which case the latter seeks to violate the security of a computer for personal gain or pure malice (Wang and Ledley, 2012). Should the safeguards in place be deemed to be ineffective, the organization should immediately implement safeguards that are more stringent and effective.
A good network security management strategy must also be dynamic and flexible. Further, the concerned entity must ensure that the safeguards in place are reviewed, tested, and maintained on a regular basis. It is important to note that attackers are typically persistent. They also constantly update their approaches and methods of attack. In that regard, therefore, it is not enough to have in place safeguards that are neither maintained nor reviewed or tested — as they will most likely be breached.
Thanks to the growing sophistication of network attacks, businesses must also not shy away from investing heavily in both the equipment and personnel necessary to protect critical organizational resources from being exposed, misused, or damaged as a result of a network attack. According to Canavan (2001), “in general, businesses spend money on computer and network security only when they have to.” This is sad given that as I have demonstrated elsewhere in this text, a single instance of attack could seriously affect a company’s financial standing and reputation. Further, as I have also noted in the earlier sections of this text, cyber attacks have already caused significant damage to companies in the U.S. (and across the world) in the past. By extension, such attacks also threaten the economic competitiveness of our country across the globe. All the relevant players, including the relevant government agencies, must therefore be involved in efforts to bring down the number of cyber attacks taking place across the nation.
Disclosures should also be treated as part and parcel of effective network security management initiatives. More companies must therefore be ready to disclose instances of attacks on their networks going forward. In my opinion, in addition to helping others identify the pervasiveness of the problem, this will come in handy in the development of effective mechanisms and strategies to defeat attackers. Although the said disclosures could have a temporary impact on the affected business entity’s reputation in the market, they are the only effective “learning avenues” in these very interesting (and perhaps confusing) technological advancement times.
It should be noted that it is not possible for a business entity to eliminate all the threats and problems related to network security. Additionally, the implementation of network security management strategies could come across as being burdensome in some cases. In addition to affecting the flexibility of operations, network security could also hinder quick and convenient access of organizational files and data. This should be seen as an unavoidable flipside of network security.
The most important thing for businesses operating in today’s business environment to understand is that solutions that seem effective today may not necessarily be effective or provide adequate protection tomorrow. This is more so the case given that as technology further advances, so does the sophistication of attacks. Indeed, as I have already pointed out elsewhere in this text, attackers are continuously varying their techniques. Essentially, an effective network security management strategy should be made up of preventive, detection, and response strategies. Prevention has largely got to do with encryption, firewalls, and effective access controls. On the other hand, detection involves the installation of an effective intrusion detection system, the review of audit logs, and constant testing and evaluations.
Lastly, we have response, in which case a business entity should, amongst other things, have effective and reliable backup measures. Businesses should also constantly keep themselves updated on the various kinds of threats they face in the digital environment. According to Richardson and Thies (2012), there are four common network attack scenarios. These according to the authors include sniffing or snooping, IP address spoofing, password attacks, denial of service attack, and man-in-the-middle attack (Richardson and Thies, 2012). However, essentially, there are two main categories of threats to network security that businesses should (and must) be aware of. These include resource attacks and logic attacks. A logic attack according to Cole, Krutz, and Conley (2005, p. 559) involves the use of a logic bomb which in the words of the authors “is a malicious code that is appended to an application and is triggered by a specific occurrence, such as a logical condition…” They are in most cases designed to exploit system weaknesses. Weaknesses in this case could include, but are not limited to, backdoors and software vulnerabilities. Resource attacks on the other hand seek to collapse network resources by amongst other things flooding servers with an unusually high volume of service requests.
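To make the detection side concrete, the following added example (not part of the original essay) reviews an audit log for the resource-attack pattern described above: one source sending an unusually high volume of requests in a short window. The log format, the addresses (documentation ranges), the window and the threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOG_FORMAT = "%Y-%m-%dT%H:%M:%S"  # assumed timestamp format: "<time> <source> <request>"

def build_sample_log():
    """Constructed audit log: one ordinary client, one source flooding the server."""
    start = datetime(2014, 1, 12, 9, 0, 0)
    lines = []
    # Ordinary client: one request every 20 seconds.
    for i in range(15):
        ts = start + timedelta(seconds=20 * i)
        lines.append(f"{ts.strftime(LOG_FORMAT)} 198.51.100.7 GET /catalog")
    # Flooding source: 40 requests per second for 3 seconds.
    for i in range(120):
        ts = start + timedelta(seconds=60 + i // 40)
        lines.append(f"{ts.strftime(LOG_FORMAT)} 203.0.113.50 GET /login")
    lines.append("corrupted entry without a timestamp")
    return lines

def parse_line(line):
    """Return (timestamp, source) or None when the line does not match the format."""
    parts = line.split()
    if len(parts) < 2:
        return None
    try:
        return datetime.strptime(parts[0], LOG_FORMAT), parts[1]
    except ValueError:
        return None

def detect_floods(lines, window_seconds=10, threshold=100):
    """Return (alerts, skipped): sources exceeding `threshold` requests per window."""
    events, skipped = [], 0
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            skipped += 1  # unparseable lines are counted, not silently dropped
        else:
            events.append(parsed)
    events.sort(key=lambda e: e[0])  # logs merged from several devices may be unordered
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # per-source timestamps inside the sliding window
    alerts = {}
    for ts, src in events:
        q = recent[src]
        q.append(ts)
        while ts - q[0] >= window:
            q.popleft()
        if len(q) > threshold and src not in alerts:
            alerts[src] = {"first_exceeded": ts, "count_in_window": len(q)}
    return alerts, skipped

if __name__ == "__main__":
    found, bad = detect_floods(build_sample_log())
    for src, info in found.items():
        print(src, info["first_exceeded"].isoformat(), info["count_in_window"])
    print("unparseable lines:", bad)
```

A fixed threshold is the simplest possible rule; in practice it would be tuned against the normal request rate of the service being protected.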
In conclusion, it should be noted that the elimination of all network security problems is virtually impossible. This is particularly the case given that as I have already pointed out, as technology continues to advance, approaches to network security that are considered effective today may not be as effective tomorrow. Further, individuals with ulterior motives continue to work even harder as they seek (and sometimes find) vulnerabilities and ways of going round the network security measures already in place. It should, however, be noted that in a bid to minimize instances of network security breaches, organizations should make it expensive and quite difficult for intruders to break through the security mechanisms in place.
BBC. (2013). Sony Fined Over ‘Preventable’ PlayStation Data Hack. BBC. Retrieved from http://www.bbc.co.uk/news/technology-21160818
Canavan, J.E. (2001). Fundamentals of Network Security. Norwood, MA: Artech House.
Cole, E., Krutz, R.L. & Conley, J. (2005). Network Security Bible. Indianapolis, IN: John Wiley & Sons.
Finkle, J. & Hosenball, M. (2014). Exclusive: More Well-Known U.S. Retailers Victims of Cyber Attacks — Sources. Reuters. Retrieved from http://www.reuters.com/article/2014/01/12/us-target-databreach-retailers-idUSBREA0B01720140112
Malcom, J. (2012). Consumers in the Information Society: Access, Fairness and Representation. Kuala Lumpur, Malaysia: Consumers International.
Richardson, T. & Thies, C.N. (2012). Secure Software Design. Burlington, MA: Jones & Bartlett Publishers.
Senft, S., Gallegos, F. & Davis, N. (2012). Information Technology Control and Audit (4th ed.). Boca Raton, FL: CRC Press.
Tassi, P. (2011). Sony Pegs PSN Attack Costs at $170 Million, $3.1B Total Loss for 2011. Forbes. Retrieved from http://www.forbes.com/sites/insertcoin/2011/05/23/sony-pegs-psn-attack-costs-at-170-million/
Wang, S.P. & Ledley, R.S. (2012). Computer Architecture and Security: Fundamentals of Designing Secure Computer Systems. New York, NY: John Wiley & Sons.