There are two ways to look at everything in the universe: inside out (Egress) and outside in (Ingress). Take cybersecurity, for instance. Viewed in Egress, your business is a complex digital mesh, with layer upon layer of intra- and interconnected networks and the widest range of devices at the beginning, middle, and endpoints of each connection. In places the wires may have been replaced by invisible wireless links and the hard drives by cloud storage, yet the interlinks exist.
Viewed in Ingress, the same business with all its digital cyberspace looks like an onion. This cyber-versed enterprise is vulnerable to cyber-threats of both internal and external kinds, from both internal and external sources. Safeguarding such an intricately hyper-connected entity means shedding conventional notions, expecting the unexpected at every moment, and being prepared to withstand any attack from any direction. In other words, what a company urgently needs is 360° business cyber-resilience.
“fnCyber™ Security Consulting & Services in India got incepted with the sole purpose of uncovering vulnerabilities in any business system at the functional level combining the expertise in Business Continuity, Cybersecurity and Integrated Risk Management, taking the Cybersecurity Practice to organizational grassroots and infusing IT Security Controls with procedural awareness transforming enterprises as they go Cyber Resilient – Functionally,” shares Pulkit Verma, the Security Researcher – Networks, at fnCyber™.
Neeran Niroula, the Customer Success Manager – Security Implementations, explains that fnCyber™ is a team of pure-bred practitioners, “And we study and research a lot.” While there are products and services of all kinds, from Conventional Firewalls to Extended Detection and Response Platforms to Security Orchestration, Automation and Response, these systems require configuration. If configured well, they can be highly sensitive and effective in monitoring network traffic; if not, expect 10,000 alerts (false positives) per day. Out-of-the-box settings will either open or block everything.
He adds, “So, we asked ourselves – what’s the best way to secure networks? And here comes our USP – Network Threat Modelling. We start with – ‘What’s the Business? What are we Protecting and Why?’ The result will be a set of fine-grained network configuration policies no matter what device or hardware is in place or as simple as the ‘Adopt the Explicit Deny Policy’.”
The Co-founder and Consulting Manager, Vinfred Christopher, adds, “Networks these days have no boundaries any longer. Traditional security measures that focus solely on individual components or layers of a network are no longer sufficient to defend against the ever-evolving landscape of cyber threats.”
“What we need is ‘A holistic approach’ considering the entire network ecosystem, not only the technological aspects but also the human, operational, and strategic elements. With this approach, we identify that vulnerabilities can exist at various levels, from endpoints and applications to the underlying infrastructure,” he says.
Enter Cybersecurity into Your Business Function
By adopting a comprehensive mindset, organizations can identify potential weaknesses and implement robust security measures to protect their networks from diverse attack vectors. This approach involves integrating multiple layers of defence, including firewalls, intrusion detection systems, encryption, access controls, and regular security audits.
“With all our expertise and experience, we study the Network Architecture from Outside-In [Ingress] and Inside-Out [Egress] and superimpose the findings onto the Organization’s Enterprise Architecture – and the result is a list of Threats the Organization faces both from Internal and External sources. We also study the historical attack patterns for the listed threats to understand the probability of these attacks. When you know your threats, their probability and their potential impact, you are better prepared to do what is needed to protect. Here is where our network security recommendations come in with best, optimal and worst-case flavours,” says Aviral Srivastava, the Security Researcher – Networks & Malware.
Sharing more about fnCyber™’s network security services and what makes them stand out in the rapidly evolving network security field, Vinfred reiterates that networks in the modern era are boundary-less: infrastructure extends beyond boundaries, and so does the network; there is no perimeter to defend, and network connections don’t just terminate at an endpoint.
A modern employee’s productivity is hindered if they are fenced in a LAN behind a firewall. And there are micro-segmented networks in the latest web application designs, where hundreds of pods and containers communicate with each other.
Last but not least, when an API from a mobile application reaches out to a payment gateway to conclude a purchase transaction, packets hop from network to network, to and fro. “How do we know which packet should be allowed and which to drop?” Having expertise in managing hardware and firewalls to control network traffic is obsolete.
Ctrl S a Full-Scale Knowledge Base
Aviral furthers the point: The team at fnCyber™ is an ardent admirer of Zero Trust – meaning when it comes to networks, “We Will Not Trust Anything. That’s our Bro-Code which helps us stand out while rendering any of our Network Security Services. We can effortlessly conduct Network Security Assessments, be it Legacy Infrastructure, Networks with spread out remote endpoints, public, hybrid and private clouds and are equally brilliant in securing application workloads configuring granular egress and ingress rules, validating them time and again before turning them into production.”
Neeran adds, “The way we stand out from the rest of the service providers: we deploy the network security services along with an impeccable validation, maintenance, and change management schedule with a full-scale knowledge base.” At any given point, a document will have all the details in the custody of the business owner with a sign-off on the maintenance schedule. “We seal these schedules with another rule – ‘Maintenance Schedule is Non-Negotiable’.”
“This reflects in our immersive benefits offered. We are security practitioners, not businesspeople. For a security practitioner, security is paramount. Like it or not, it’s our duty to let our clients know the facts, and we also tell them what a ‘False Sense of Security’ is. And we just don’t propose one solution and say this is it. The benefit of having us on the team is that – we understand the security, and we also understand how it is going to impact the business. Our Network Security Service yields more than one solution: The Best, The Worst, The Relevant, and The Scaled security measures. While the first three are self-explanatory, the last one relates to adoption. How can an organisation take a ‘Start-Small’ approach and gradually scale and mount up the Security,” says Pulkit.
Ctrl f to Find Your Networks?
Vinfred continues that for anyone who needs to find out their Network Security Posture, which most security providers may not be in a position to assess, fnCyber™ offers a Network Security Risk Assessment free of cost. It is not that the work is simple; they are simply good enough at it that they can do it for free. “Same way, if you are working in DevOps with Containers; again, we can deliver a Free Container Security Risk Assessment. Not only that, if you are concerned about Data Protection – we can help with Data Exposure Assessment. All aspects of security in the above assessments stem from Networks. That’s why we say, to protect your assets, you must know your Networks first.”
Aviral elucidates it more, “I would like to explain one most important part of our service – we call it: ‘The Line-of-Sight Analysis’ – in this analysis we work with the business owner to establish how far their asset has gone or is placed from their place of business – and outline the security risks associated with that asset.” The results are always surprising.
CAPS LOCK an Unlimited Stream of Curiosity
Reflecting on their journey, Neeran says that initially they were denied the opportunity to learn network security, but who can stop you when you have the fire inside you? Their curiosity took over, and they studied and excelled with a little guidance from the industry’s so-called Not-Certified experts. “Like-minded individuals have come together, and here we are forming the core team of fnCyber™ with hands-on expertise, practising based on network security fundamentals we learned.”
Pulkit adds, “Every time we have an opportunity, we put our fundamentals to work, draw the diagrams, traffic vectors, technology components, understand the business model and list down the threats pertaining to this very model itself. And you will be staring at a solution in no time. We practised this approach n-times, and even before you know it, your thought process is programmed for this approach.”
Shift {Tech Sense of Changing Time}
Being an experienced team, the four Aces of fnCyber™ share their opinion on how adopting modern technologies like AI, ML, Cloud, and Blockchain is impacting the contemporary network security sector and how they are contributing to the change. Vinfred says, “We all know, the pace at which the technology is evolving, catching up with it is next to impossible. We must acknowledge that Cybersecurity is a game of perseverance; at any given point in time, whoever has the motivation wins. When we attest some network as ‘Secure’, it is secure only at the point in time. If the Business has enough motivation to continue the status quo, then we can say Business is secure, or else it’s just living with a False Sense of Security.”
“What we mean by that – is AI, ML, et al., are influencing every bit of technology out there; Network Security is no exception. But then Security Comes at a cost, and if the Businesses do not have enough motivation to bear that cost to secure, someone else will break in. Be it AI, ML, Cloud, Blockchain, it is still a game of perseverance, just who is using all of them and for what,” explains Aviral. Neeran joins him by saying it’s already complex and will only get even more so.
“But our Confidence and Fundamentals don’t change – Network Security is all about controlling Hand-Shakes, and we are good at it,” adds Pulkit.
Challenges=Learning Lessons
Considering the current industry scenario, the four technocrats discuss their challenges. Vinfred informs that Network Security is not seen as a matter of concern by most business owners, and for them, it’s just like: “Can someone get me a tick in this box called Network Security?” And on one ugly day, the reality would be that you will not have access to your own network.
Aviral furthers, “So we do our part, Educate as many businesses as possible. Some of our assessments are free, including a Network Security Risk Assessment. With this in place, with the consent of business owners, we assess their networks and bring out the flaws in it and how it could potentially impact their business.”
Pulkit mentions, “For example, we assess a network and conclude that there is a possibility of a Ransomware threat, and we conduct a Ransomware Business Impact Assessment. Basis, we submit a report highlighting the financial losses in case of a Ransomware attack, and what could be done to avoid that along with the cost of implementing such a solution.”
Then the risk is either accepted or mitigated. “We think it’s a good way to educate and evaluate their network security status simultaneously,” quips Neeran.
Backspace to the Ever-Evolving Wisdom
In their advice to budding professionals who aspire to venture into the network security solutions industry, Pulkit, Neeran, Vinfred, and Aviral say that, as with other niche technology sectors, it’s a never-ending endeavour or call it a voyage.
“Even after years in the industry, we still stumble upon the “I Don’t Know That” statement quite often,” says Pulkit, while Neeran adds, “And with the advent of AI, ML, Cloud and BlockChain – I don’t think anyone can call themselves an expert at any point in their careers.”
Vinfred reveals that Network Security Engineers are constantly on the vigil with lasting persistence. “If you truly aspire to become a Network Security Engineer, please know that there may not be a day where you feel like – ‘It’s a Bright Sunny Day’.”
Alt Tab to Future Window
Aviral adds, “If this is what you want – then it’s – Game On.” He furthers that as we speak, they envision scaling their organization’s operations and offerings in the future.
Pulkit and Neeran say, “We are already working to expand our portfolio of services, from establishing a Global Security Operations Center to DevSecOps and more.”
“We are also picking up pace with our IT-OT Network Security in Critical Infrastructure, which we believe is lagging at the moment, and the situations turn around any time, so we are preparing ourselves,” concludes Vinfred.