Security Feb 12, 2021

Managing a breached or ‘dirty’ network

In the wake of the SolarWinds hack, our experts look at how organisations should reshape their cybersecurity to maximise defences.

The SolarWinds incident that became apparent in December 2020 has had a huge impact across the entire technology ecosystem – and it continues to unfold.

Now that no one can assume they haven’t been breached, how do you secure your organisation and data on a ‘dirty’ network? How do you put strategies and technologies in place to cope with the fact that you may have already been successfully attacked, and just not know it yet?

You need to ‘assume breach’ – expecting that a sophisticated and motivated attacker will find a way into your estate and manage to stay hidden for some time.

Investigate how the following six recommendations can help you ‘assume breach’:

Know the personas on your estate

Understand who’s on your network, and couple that with high-confidence audit, reporting and alerting.

Understand your assets

Know what you have, what is vulnerable, and resolve the risks.

Prioritise endpoint solutions

Use Endpoint Detection and Response solutions to bring together next-gen antivirus, threat hunting and threat intelligence on the endpoint device.

Make it difficult to move between zones and workloads

Go beyond flat with a Zero Trust model using network segmentation and micro-segmentation.

Take a systemic approach to detecting threats

Use SIEM and audit to detect compromises in your estate quickly.

Be curious

Use your human firewall and give your analysts room to explore.
