Going “Eye to Eye” with Network Security Threats Kim Correa CMGT/441 January 21, 2013 Praful Dixit Going “Eye to Eye” with Network Security Threats Introduction In the article Going “Eye to Eye” with Network Security Threats, Michelle Johnson-Cobb, VP from Skybox Security, Inc. makes suggestions about the vast security threats (Cyber-security, virus, and breeches) evading Enterprise networks today. Michelle’s evaluation emphasizes the vast steps needed to prevent risks within networks today. Furthermore, Michelle writes about the three (3) key steps needed to mitigate risks. They are Gain Situational Awareness, Simulate the Worst, and Automate to Reduce Risks. This article expresses concern on how to reduce risk factors that have the potential to breach networks. Gaining Situational Awareness According to the Johnson-Cobb (2011) article, the very first process that is identified and carried out to effectively protect the network is to study the network. When knowing its abilities and limitations, along with the security measures used, you can guarantee the network is secured. When assessing the processes list noted, Johnson-Cobb (2011) refers to these processes as “Situational Awareness.” Whereby analyzing important factors that would help in identifying the network and its perspective components. In gaining situation awareness, Johnson-Cobb refers to a management tool called Skybox Solutions. This security tool provides engineers and managers with risk management options that provide the network with less evasive tools that detect fatal risks that could leave the network in a vulnerable state; this can send various configuration errors to the firewall installed within the network. In summary Johnson-Cobb stresses that IT professionals need to be aware of hidden factors that need to be addressed before a situation might occur. It is important to know the network in which that is worked on to apply the correct security measures needed to protect sensitive information from breaches and cyber-bullies. Simulate the Worst After several assessments are checked and re-checked, it is important at this point to test the network to ensure responsiveness. It is also important to run test drills to determine system suitability within the network. When assessing the drills, emphasis is placed on identifying problem areas and ensuring that the right IT personnel with the required experience are performing the testing. Document testing procedures, document problem areas, and formulated corrective actions need to be taken to provide the network with the security protections needed. Automate to Reduce Risks Recent published reports suggest that there is an uphill battle waged when dealing with the possible threats of Cyber-Security and breaches within the network. The reasoning is that the IT networks are becoming more sophisticated.