Overcome the Visibility Gap With Network Leak Monitoring

Posted by Fuel HQ on Aug 3, 2020 4:35:13 PM

Monday, August 3, 2020

From Fuel Headquarters


A data breach is among the most significant dangers to a company today. With financial penalties and reputational damage on the line, network security professionals are tasked with keeping networks safe and ensuring that internal information is not leaked to third parties or the outside world. That task is more challenging than ever, as hybrid networks grow more dynamic, complex and hard to manage.

In the recent Fuel webinar, “Mitigate Your Data Breach Risk From Network Leak Paths,” FireMon Senior Solutions Engineer Michael Hess discussed how the increasing complexity of hybrid networks has made regular, sweeping network leak monitoring an essential practice for network security professionals. Network leak paths could lead to costly data breaches, as internal information is made available to unintended recipients. By regularly sweeping for leak paths, you can minimize the chance that an unwanted channel of communication will open up — and you can increase visibility over your network.

Proactive network leak monitoring is essential even if you are confident that there are no leak paths. There is no worst-case-scenario for consistent network leak monitoring; either you are reassured that your security tactics are working and that you are at low risk of a data breach, or you gain more visibility over your network and cut off leak paths that could potentially cause significant problems down the road.

At the same time, it is not enough to just monitor for leak paths in the endpoint devices you think you have on your network. This is because many networks have significant visibility gaps, with more endpoint devices connected than network moderators realize. It is the problem that plagued the scientists in Michael Crichton’s novel “Jurassic Park”: If you only look for what you think you have, you will miss out on important information. For the scientists, it was dinosaurs being born in the park; for network security professionals, it is endpoint devices present in a network.

That lesson is reinforced by visibility gap statistics from FireMon. During the webinar, Hess touched on the visibility gaps present in clients from four different sectors. The information was as follows:

  • The client in government expected 150,000 endpoints but discovered 170,000 endpoints, for a visibility gap of 12%.
  • The client in healthcare expected 60,000 endpoints but discovered 89,860 endpoints, for a visibility gap of 33%.
  • The client in tech expected 8,000 endpoints but discovered 14,000 endpoints, for a visibility gap of 43%.
  • The client in finance expected 600,000 endpoints but discovered 1,200,000, for a visibility gap of 50%.

These statistics show that significant blind spots can exist in networks, and reinforce the need to proactively monitor for network leak paths. Consistent monitoring of all endpoints in a network will give real-time access and updates, granting you the ability to quickly make fixes if leak paths should appear. Taking a proactive, thorough approach will close the visibility gap and minimize the risk of a costly data breach.

To learn more about data breaches, watch the Fuel webinar, “Mitigate Your Data Breach Risk From Network Leak Paths,” related to this blog post.

Webinars are available to Fuel members. Not a member yet? It’s free to join. Get started today!

Topics: visibility gap, network leak monitoring

Posts by Topic

see all

Subscribe to Blog Updates

Recent Posts

Posts by Topic

see all