A Cybersecurity Cardinal Rule: Know Your Network

Dec 16, 2014
4 minutes

There is so much happening in IT and cybersecurity today, and I wanted to take time to reflect on something we don’t discuss often enough: knowing your network. Few people in IT and cybersecurity would disagree that knowing your network is a cardinal rule for operating and defending an enterprise. By cardinal rule, I mean something that is fundamental and essential for operating, maintaining and defending an enterprise.

Yet, what does knowing your network mean? I Googled “knowing your network” and some good discussions came up that are IT and cybersecurity related. On the cybersecurity side, I found Russel van Tuyl’s piece interesting. In particular, he channels Sun Tzu’s famous book, Art of War, to explain how knowing your network is important to Observe, Orient, Decide and Act when taking action and defending against adversaries.

The best-known cybersecurity frameworks inherently involve knowing your network. My favorite framework is the SANS 20 Critical Security Controls – the first two controls certainly fall under knowing your network. It is obvious that knowing your network is critical to both operate and defend an enterprise.

On reflection, do you think you spend enough time and resources knowing your network, and is it a priority? Here’s a quick gauge to determine the answer:

(And be honest; don’t just point at the IT folks, all cybersecurity professionals need to know this!)

  • Do you continuously identify and monitor all applications traversing your enterprise right now, always, forever, internal-to-internal activity included?
  • Do you continuously identify and monitor all users, the applications they use and attempts to access and install unauthorized applications?

There’s no halfway answer here. It is all or none – half way means you don’t spend enough time and resources knowing your network. Did you say yes? Did you say no? I sure hope you didn’t say, “No way we can do this! Besides, there is too much tension between us and the IT teams.”

You can do this, and the technology exists. Here are two pieces of advice:

First, take the Director of IT or your IT counterpart(s) to dinner or out for a drink. Spend some time talking to them about these the two items above. Even if your IT is outsourced, you should get to know them. Don’t just become acquaintances. Become friends, bury any previous issues – go to an IT and cybersecurity intervention weekend if you think the animosity is too big. Make a pact to work together. Go to your CIO and CFO together and provide a plan that allows you to know your network. All of you will be glad you did, and I’m certain you’ll realize that you have more in common than you think.

In fact, decide to use your friendship and knowledge as a way to go on the offensive against malicious, suspicious and unwanted activity in the enterprise. Most of all, put some serious effort and resources behind knowing your network at all times, forever. Interestingly enough, this will help you and the organization by enabling the activities relevant to business and killing any enterprise activities that are unauthorized or unwanted.

Second, call Palo Alto Networks and have us come perform a free evaluation on your network. We have some outstanding professionals that can assess your current enterprise throughput and ship an appropriate Enterprise Security Platform device within a couple days – be sure you focus on a large and interesting portion of your network. That is, a high bandwidth node in your network where a significant amount of user and application activity will traverse. Then, at your convenience, the engineer will install and configure the device without disrupting business continuity.

Without a doubt:

  • The agility of our Enterprise Security Platform will immediately provide visibility and knowledge about users and the applications traversing your enterprise.
  • You will get an introduction to modern technology that reduces complexity and is purpose-built to protect and control users and applications in your enterprise.

There is a reason Palo Alto Networks is the fastest growing cybersecurity company in history and disrupting one of the most competitive industries in the world. We provide results, and the results are not in a vacuum or across a couple of threat vectors.

The platform ensures fully integrated results across all network traffic on the entire enterprise – the results help provide services and protect information needed to grow your company. What are you waiting for? The cybersecurity adventure is staring you in the face. Be an animal and grab an eval. “Don’t cost nothin!” And you will get to know your network.

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.