CSW S1, E28 - How Should I Protect My Network Perimeter?

Fred Cobb – CISO and VP of Services, InfoSystems

Tim Morton – Technical Team Lead of Engineering Services, InfoSystems

This episode of the Cybersecurity Weekly Podcast is Part 12 of our series on the Center for Internet Security Top 20 Controls. Here's a quick list of where we're at:

Basic CIS Controls 1-6
Foundational CIS Controls
7) Email and Web Browser Protections
8) Malware Defenses
9) Limitation and Control of Network Ports, Protocols, and Services
10) Data Recovery Capability
11) Secure Configuration for Network Devices, such as Firewalls, Routers and Switches
12) Boundary Defense

In this episode, Fred and Tim discuss how you can detect, prevent, and correct the way your information is shared between networks. This is the sixth Foundational CIS Control and is used to secure your network perimeter. Boundary Defense is most impactful when a company has taken action against the first eleven CIS Controls (following the CIS Top 20 Cybersecurity Controls).

As the Center for Internet Security explains, your network perimeter is the first line of defense against untrusted connections. So it makes sense that attackers focus a high number of breach attempts on your network perimeter. They're trying to exploit these boundaries and access your network(s). For this reason, it's important that you place a number of boundary defenses. According to the Center for Internet Security, these defenses should be multilayered, relying on firewalls, proxies, DMZ perimeter networks, and network-based Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS).

The Center for Internet Security, Control 12 recommends taking specific actions to defend your network perimeter. Some of which include:

- Using automated tools to detect and prevent the flow of information between internal networks and networks connected to the Internet;
- Employing network-based intrusion prevention systems (IPS) at each of the organizations network boundaries;
- Requiring 2-factor authentication for all remote login access; and
- Denying communication with known malicious and unused IP addresses.

You can implement these controls yourself, but it may cost you a substantial amount of time, money, and effort. There are Cybersecurity experts who specialize in getting these controls set up for hundreds of organizations.

Listen to the full episode to learn how your business can begin following the Center for Internet Security Top 20 Controls and make your company more secure.

More Information
We'd love to hear your feedback. If you have any questions, you can text us at 423-697-9528 or email marketing@infosystems.biz.

This episode discusses Control Twelve of the CIS (Center for Internet Security) "Top 20 Controls." The Top 20 Controls are a set of prioritized best practices designed to help organizations protect themselves from cyber-attacks. It is a framework for every organization, whether you have a full department of IT support or don't have security programs or measures in place. You can learn more about the 20 CIS Controls here.

See the break-down of these CIS Controls' Sub-Controls here.

Discover how other organizations are using these controls here.