Managing through chaos to secure networks

Every time there’s a natural or manmade disaster that takes medical equipment offline, cuts connectivity to emergency services and loved ones, or shuts down access to ATMs, network engineers are at the center of the heroic efforts required to restore availability and uptime. (Though, in truth, network engineers deal with chaos every day.)

The network is what keeps businesses up and running, so it must be resilient. However, several factors contribute to the complexity of networks and the difficulty of enabling business continuity.

• AI compounds compute demands. Nearly half of technology leaders say that AI is fully integrated into their company’s core business strategy, and a third report that it is integrated into their products and services. In the rush to adopt AI, networks are becoming increasingly stressed as the actual load on the network increases, taxing infrastructure resources.
• Technologies are diverse and evolving. Businesses have evolved to enable different work models, and networks have shifted in lockstep, from basic branch connections to complex setups involving data centers and cloud platforms. Infrastructure is also evolving, driven by technologies in the cloud, such as software-defined networks (SDN), SD-WAN controllers, secure access service edge (SASE), and Network-as-a-Service (NaaS) models. Hardware devices, virtual machines, tools, and cloud services each have their own unique working mechanisms and configurations that require management.
• Vertical stovepipes proliferate. One-third of enterprises are in the middle of this technology transition, having deployed or planning to deploy SASE within 24 months, according to the 2024 Gartner CIO and Technology Executive Survey. Leveraging new technologies to address new challenges alongside old technologies that work well and are still very critical to the business creates silos. The network runs through all these environments, but when you lose visibility horizontally, there’s a gap and an opportunity for cyber threats.
• Scalability multiplies blind spots. Networks grow to support a range of interconnected use cases – including working from anywhere, returning to the office, data center migration, and AI-enabled technologies in multiple clouds – and they need to handle the increased load. This makes blind spots proliferate, and the network becomes more difficult to manage, optimize, and secure.
• Network devices are more vulnerable. AI is a double-edged sword: it fosters innovation, but hackers are using also using it to exploit vulnerabilities more quickly. With the escalation of cyber threats, it’s not a matter of “if” or “when” you’ll be targeted, but “how frequently”.
• Investment in SD-WAN and the implementation of zero trust principles continue to grow, enhancing security. However, there is a disturbing trend regarding network devices: when they are internet-facing, they are vulnerable to an attack, especially because they typically aren’t included in vulnerability management programs.
• While the number of CVEs reported against network devices is much smaller than that of endpoints, servers, or web applications, network devices have the highest proportion of high-risk CVEs. In a roundup of the CVEs published in 2024, two of the three mentioned as noteworthy referred specifically to network devices.

How can organizations restore order amid chaos?

The following tips can help:

• Evaluate network complexity to identify areas for improvement. Look closely at your workflows to find areas where you can gain more visibility and streamline processes. Whether that involves using tools you already have or new ones, that’s the first step to restoring order. Think seriously about whether you have the resources to build and maintain a tool yourself, or if it is better to look for a vendor that can get you there, so you can stay focused on network management.
• Boost network visibility. Because network engineers must support new and older solutions simultaneously, there are now too many tools required to piece together an accurate assessment of your network’s availability, uptime, and security. Consider a vendor-agnostic approach that collects information from all your network devices, organizes it in one place, and keeps it up to date, ensuring consistency for informed decisions and faster issue resolution.
• Utilize automation to streamline network management and make it more efficient.
  Teams are using automation for 24/7 monitoring and alerting, which is foundational to cyber resilience. But there’s also significant value in using automation to help maintain devices and remediate issues. Many organizations are exposed to risk because staying ahead of configuration drift and eliminating vulnerabilities in devices from multiple vendors takes an inordinate amount of time and expertise. However, teams that use AI and automation in prevention workflows saved an average of $2.2 million in breach costs compared to those that didn’t.
• NetSecOps teams must collaborate to manage complex networks more efficiently.
  Network teams and security teams share a common goal: ensuring business resilience. They just approach it differently. Work together to develop a common way to prioritize and manage risk and identify and implement controls that meet internal and external requirements and mandates. Tracking vulnerabilities and scoring them with context helps prioritize remediation based on security risk and risk of downtime, creating consensus and working efficiently to keep networks resilient.
• Leverage expertise and focus on the right things. Network engineers are experts in a particular set of infrastructure. They shouldn’t have to become coding experts to manage that infrastructure. The tool they use should enable them to have a real-time understanding of the lifecycle of all their network and security devices across multi-vendor environments, making it easy to manage those devices with built-in automation capabilities.