Cyberattacks are one of the greatest threats facing global businesses today. Hardly a day goes by that there is not a report of hackers breaching company networks and stealing sensitive customer or personal data.
Data Breaches Are on the Rise
According to Identity Theft Resource Center (ITRC), there were 3,205 total data breaches, leaks, and exposures in 2023, marking a 78% increase from 2022. The average cost of each company breach was $4.45 million.
The risk is real for all types of public and private organizations. In 2023, nearly 11 percent of publicly traded companies were compromised. Publicly traded companies withheld information about attacks in 47 percent of notices, compared to 46 percent for other organizations. Most industries saw modest increases, but Healthcare, Financial Services, and Transportation reported more than double the number of compromises compared to 2022. While Healthcare has led in reported compromises over the past five years, Utilities companies had the highest estimated number of victims in 2023.
A National Problem
To emphasize just how serious the threat of cyberattacks are becoming, presidential executive orders have been signed urging companies to share cybersecurity threat information with one another and the federal government. Industry trade associations have also joined the fight against cybercrime, with the Retail Industry Leaders Association (RILA) Board of Directors recently supporting a comprehensive, collaborative and sustainable plan. This effort will address challenges which include enhancing existing cybersecurity and privacy efforts, as well as opening a dialogue with the general public to build and maintain consumer trust.
Emerging Trend: Separate Network
In response to the threats presented by cybercriminals, many organizations are physically separating their IT infrastructure from their networks based on their primary usage in order to limit exposure. A prime example is creating a separate network to run physical security applications—a network apart from those used for other critical business processes. A physical security-only network is typically used to host a company’s security devices such as intrusion detection, video, access control devices and related infrastructure.
Benefits of a Separate Security‑Only Network
The benefits of a dedicated security-only network are multifaceted: a security-only network delivers a high level of protection and offers faster speeds, more bandwidth with easier access for loss prevention teams—while not impacting business critical systems. Deploying a standardized implementation across multiple locations can often be a lower cost alternative to traditional networks.
Further benefits to a security-only network include nearly unlimited access for applications, such as the remote monitoring of video or conducting remote investigations. This provides investigators with immediate access to video and supporting data to reduce travel, associated expenses, and the overall time it takes to conduct investigations.
When the security-only network is monitored by a certified third-party provider, added benefits include 24x7x365 monitoring for health events, remote configuration, and robust protection from access attempts. The monitoring company can also ensure that the network has the latest network security protocols and software at all times.
Should You Consider a Security-Only Network?
Any type of organization looking to provide a safer and more secure physical environment for its employees, guests and assets while maintaining a higher level of security is a candidate for a dedicated security-only network. When determining if this type of network is a viable option, it is important to consider a company’s internal IT resources in the evaluation and assessment of needs and requirements including security.
Selecting a Third-Party Provider
When considering a third-party provider for security-only networks, traditional IT companies that plan and implement standard networks may not be your best option. Selecting a company that has the proper certifications for customizing networks as well as deep industry knowledge of the security devices running on the network and how they need to work together will greatly enhance the overall end result.
Certifications such as Cisco Cloud and Managed Services Express Partner, Meraki and security product-specific certifications will help to ensure successful system integration. Cisco Cloud and Managed Services Express Partner Certification recognizes companies that have attained the expertise in the planning, implementing and supporting of cloud or managed services based on Cisco platforms.
Steps to Consider When Customizing a Security-Only Network
We are seeing more of our customers implementing networks that are separate from their customer data and POS networks to ensure a higher level of security due to recent data breaches. This trend makes the services provided by Everon’s Network Operations Centers (NOCs) even more important as our customers’ needs evolve.
The Everon NOC team can help plan and deploy a company’s network, implement and manage broadband connections. The NOC can notify a customer if their IP camera is out before they even realize it. With the large storage arrays in use today, one unknown failed hard drive could bring down an entire system, potentially destroying all archived video. The NOC can monitor the health of hard drives and immediately notify customers of a failed drive while scheduling a service call to remedy the situation and help minimize loss. Cloud-based services managed from the NOC include a web-based dashboard that allows the management and reporting of all IT environments, including networks and security, along with cloud backup and disaster recovery services.
One of the first steps is to identify the circuit requirements for the security-only network. Understanding what type of applications are going to be running on the network and how much bandwidth and speed are necessary to support the applications is key. Security-only networks are often based on commodity broadband, so it is important to ensure that the carrier can deliver reliable service and speed at any given location. It can be a challenging task trying to determine which carrier provides the best and most cost-effective solution. Everon’s NOC telecom team can help identify the best solution among the available options in your area as well as procure and provision the circuit for optimum throughout.
Once the network parameters of adequate circuit bandwidth are determined, additional considerations that should be incorporated into the system include remote (VPN) access, appropriate security measure and rules. At a minimum, there should be a strict password update rule for the duration of password life and passwords re-used from the past. Ideally a consolidated security identification system should be established to ensure continuous monitoring of access with biometric or other proven security solutions as part of any access to the network.
If any part of the network is wireless enabled, appropriate security for network access and ongoing traffic monitoring are essential. If they are not part of the system, monitoring is needed to make sure that no additional devices with wireless capability are installed on the system.
Firewall protection is essential. With the advent of IPv6 and its inclusion in networks, there is potential for a security breach when tools designed for IPv4 are faced with IPv6 calls.
Continuous monitoring should be undertaken for abnormal network traffic, behavior or attempted unauthorized access. When discovered, rules for appropriate notification and/or lockout must be determined and then enforced.
Steps to Consider:
- VPN access availability
- Appropriate security measures and rules
- Rules for password lifespans
- Consolidate security identification system
- Firewall protection
- Ongoing traffic monitoring
Everon Security-Only Networks
Everon operates its Network Operations Center (NOC) as part of our Integrated Solutions division. The center employs a team of Cisco Meraki Certified professionals. This team also holds the Cisco Cloud and Managed Services Express Partner Certification, making Everon one of the few security system integrators to hold this designation.
Our NOC is primarily focused on providing health and device monitoring of cameras and VMS, Access Control Credential management, Badging and Notifications. In addition to monitoring systems for performance and potential problems, the NOC also plans, installs and commissions LAN/WAN networks for companies that either do not have the internal resources to accomplish this in-house or for those who want a dedicated security-only network. The addition with Cisco Cloud and Managed Services Express Partner Certification delivers a new level of capabilities and expertise to the NOC in this growing outsourced services market.
“Everon’s ongoing investments in technology and the skill sets of our team members give us the ability to deliver more than just security integration to our customers,”
—Christopher BenVau, Senior Regional Vice President, West Region, Everon
Conclusion
New and innovative approaches to elevating the protection of sensitive data has never been more pressing. Whether organizations choose to implement changes to their networks internally or through a third-party partner to make them more secure, it is a process that is worth heavy consideration.
The cost of implementing a security-only network pales in comparison to the potential cost of an actual breach. If an organization or company has not yet considered the possibility of implementing a higher level of security to protect their business and their customers, it is probably time to do so.
Cybercrime rates are escalating as cybercriminals will continue to grow more sophisticated in their approach. Now is the time to ensure your business is protected.