The network sits at the heart of any business, making your network’s health critical to the success of your organization. The number of U.S. data breaches reported in 2021 jumped 68% compared to 2020 figures. And ransomware is also on the rise. According to the Verizon 2022 Data Breach Investigations Report (DBIR), ransomware now represents 25% of breaches, which is a 13% year-on-year increase, and greater than the previous five years combined.
The advice is simple: Getting network security right significantly reduces the risk of a damaging breach. But putting this into practice can be challenging, especially for small and medium-sized businesses (SMBs) with limited resources.
Here are answers to some key questions to better illuminate what is meant by network security.
What is network infrastructure?
Put simply, an IT network is a system of interconnected computers and devices offering storage and computing power, and they're designed to share data with each other. They could be connected through Ethernet cables or Wi-Fi, and most commonly in an SMB, they'll do so in a local area network (LAN) or wireless LAN setup. As well as connecting to each other, these machines and devices connect out to the public internet, so you can use cloud computing technologies and web-based resources. However, the advantages of doing so come with one major attendant risk: If you can connect out, hackers coming the other way can potentially reach your organization's computers and data.
What is network security?
Network security is the discipline and capability of protecting these resources from any inbound attacks, or potential negligence or abuse by insiders. Some common threats include:
- Ransomware, in which attackers encrypt critical files and steal data before demanding a fee for a decryption key and to "delete" the stolen data
- Distributed denial of service (DDoS), in which a malicious attack attempts to disrupt the normal network traffic by overwhelming systems, causing them to crash or become unavailable
- Data theft through information-stealing malware, often as part of a ransomware attack
- Cryptocurrency mining, where covert malware sits on victim machines mining for virtual currency—racking up high energy bills and wearing out equipment
- Botnet malware, which hijacks victim machines to become a launch pad for other types of attacks
What is network infrastructure security?
Network infrastructure security and network security are the same concepts. Traditionally, what was meant by network security was a "perimeter-based" setup designed to stop malicious activity from entering the network. However, this has become harder to achieve as data, devices and applications become more distributed and cloud-connected.
The tools and approaches commonly used to deliver network security now are:
- Firewalls: Prevent untrusted external users and traffic from accessing your internal network
- Intrusion prevention/detection (IPS/IDS): Provide an extra layer of security behind the firewall by stopping suspicious traffic at the perimeter
- Virtual private networks (VPNs): Create a secure connection so that a user outside the network (i.e., a remote worker) can access resources inside
- Data loss prevention (DLP): Prevent staff from accidentally or deliberately sending sensitive files outside the network
- Email security: Protect against threats arriving inside the network through the No. 1 threat vector
- Identity and access management (IAM): Authenticate and authorize legitimate users and aim to prevent imposters from gaining network access
- Anti-malware: Scan for and block malicious code
- Network detection and response (NDR): Baseline normal network behavior and use artificial intelligence to spot when patterns deviate, indicating potentially malicious activity
- Web security: Block web-borne threats and prevent staff from accessing malicious websites
- Vulnerability management: Scan for vulnerabilities in applications and network infrastructure so action can be taken to mitigate them
- DDoS mitigation: Filter out malicious traffic that is attempting to overwhelm the network
Why is a secure network essential for business resilience?
Data is the lifeblood of your business, and the IT network provides the arteries through which it travels. From payroll to business planning, and app development to marketing software, if these data flows are interrupted and/or information is stolen, it could take down the entire company. Take ransomware: Serious network breaches in 2021 shut down major U.S. oil pipelines, disrupted critical food supply chains and much more.
Keeping the network free of malicious activity is essential to business resilience. Effective network security, or network infrastructure security, also may provide a platform for corporate success by freeing up SMB leaders to focus on growing the business.
What is the cost of poor network security?
Network infrastructure security is easy to take for granted. But some cautionary tales highlight what could happen if SMB owners get it wrong. Ransomware is a good example. Research reveals that it remains primarily a "small business problem," with 82% of attacks in Q4 2021 impacting organizations with fewer than 1,000 employees.
The average ransom payment over this time was more than $300,000. But the total costs of a breach can be many times this figure. Business interruption on average lasts 20 days—potentially hitting sales and productivity, and incurring legal, forensics, and IT overtime costs. Customer churn and reputational damage are also common following any major breach incident or DDoS campaign.
What are network infrastructure security best practices for SMBs?
Network security must therefore be a priority for any SMB. The first impulse should be to prevent as many attacks from landing as possible. But for those that get through, the focus must be on speedy detection and response. That means taking steps to:
- Enhance resilience through "cyber hygiene" best practices like multifactor authentication and strong passwords, prompt patching of discovered vulnerabilities, regular backups, etc.
- Deploy preventative security tools including anti-malware, IDS/IPS, email security, DLP, and DDoS detection and mitigation
- Roll out nontechnical controls, such as better user awareness training to spot phishing attacks
- Install network threat monitoring and detection tools like NDR to spot any attacks that sneak past your perimeter defenses
- Evaluate zero trust solutions built for SMBs, which can greatly enhance network protection
Many SMBs don't have a cyber security specialist on their IT team, let alone an entire security function. That's when third-party security services could make financial and operational sense, freeing up staff to focus on high-value tasks.
The author of this content is a paid contributor for Verizon.