these breaches are the result of concentrated efforts of organized criminals that deploy automated attacks. Worms and viruses initi- ate the vast majority of attacks, using worms and advanced malware to probe for weak- nesses and infiltrate ill-secured networks. These types of attacks generally find their targets randomly. As a result, even organi- zations that may feel they have little or no confidential information may end up as vic- tims of cybercrime without taking adequate preventative measures.
So, everyone needs a firewall but what kind?
In order to decide what type of firewall will work best for your organization, here are a few questions to identify the right solution.
• What security measures will the firewall
need to perform?
• What additional services would you like
to be part of the offering?
• What networking functions will it need to
perform?
• How will it interact with existing services
and users?
• What does the firewall need to control or
protect?
The list might include access into the network, access out of the network, access between internal networks, departments, or buildings, access for specific groups, users or addresses and access to specific resources or services.
What regulations is my business subject to that would require a firewall or specify how it is configured and/or managed? (For example, are you subject to HIPAA or PCI?) What would it need to protect? Some of those answers would be specific machines or network, specific services, information—pri- vate or public and users.
• What impact will a firewall have on your
organization, network and users?
• Is hardware available that meets the re- quirements to support a firewall solution?
• Will existing services be able to function
through a firewall?
• What will the financial impact be on the
organization? (Financial impact should include initial implementation costs, on- going maintenance and upgrades, hard- ware and software costs, and technical support costs.)
Self-Administered
Firewalls or Managed
Firewall Services
While we have established that firewalls are an important component for every business in operation today, we understand that there are a variety of firewalls to choose from. Now it is time to determine if a self-admin- istered approach works best for the company or if a third-party managed firewall service is a better choice.
Key questions to consider in the decision- making process may include:
• Who will administer the solution?
• Are experienced technical personnel avail-
able for the job or will someone need to be hired from outside your organization? With the cyber threat landscape ever-
evolving, your cyber security policies and procedures along with your cyber defenses, including firewalls and anti-virus software need to be evolving as well. This means that a “set-it and forget-it” methodology just will not work. Organizations that lack the exper- tise to properly maintain their cybersecurity programs may struggle to keep their data safe.
To further complicate matters, a 2017 Cy- bersecurity Jobs Report 2018 to 2021 by Cy- ber Security Ventures predicts that there may be as many as 3.5 million cyber security job openings by the year 2021 and not enough people to fill them. The lack of resources will make it hard for many organizations, par- ticularly small to medium sized ones, attract and retain cybersecurity experts. Add that to the cost of those individuals and the poten- tial for high turn-over rates for individuals in demand, maintaining a safe and secure en- vironment can become even more daunting.
A third-party managed firewall service administered by certified Managed Security Service Providers (MSSP) may be the solu- tion for many, if not most, organizations. Key benefits to this approach may include:
• 24/7 real-time security event and device health monitoring
• Support from certified network security experts
• Potential for improved total cost of own- ership and reduced costs
• Simplified management
• Better internal threat protection
• Reduced internal IT security training
One final consideration when determin- ing which approach will work better for your organization is the number of firewalls that may need to be managed and maintained.
Historically organizations generally only had one firewall, between them and the world. Now, not only are the devices them- selves more complicated, but there are more of them in an organization. Segmentation and even micro-segmentation means that or- ganizations are employing more firewalls to put controls and safeguards between areas inside their network, as well as help protect them from the outside. This adds to the com- plexity of your cybersecurity defenses.
Using a managed firewall service can deliver a team of IT security experts to proactively detect new threats and help to reduce threat issues without the expense of hiring, training and managing an internal staff. With cybersecurity threats on the rise, constantly evolving and presenting a risk to organizations of all size across every indus- try, keeping your data
secure is paramount no matter what path you choose to pursue.
Rich Aycock is the man- ager of Cyber Operations at ADT.
• •
•
Device provisioning and deployment Performance, availability and policy man- agement, upgrades and patch management Real-time security and health monitor- ing and expert response to threats and health issues
46
0419 | SECURITY TODAY
CYBERSECURITY
Andrea Danti/Shutterstock.com