4 answers
4
Updated 1044 views

What parts of a network will require management while configuring basic cyber-security?

I am asking this because I am in the Information Systems Technology field (IST), but I am debating on whether I should use my office experience to go into management or cyber-security. My basic understandings are on Cisco Networking Academy, so please elaborate on whether the security measures are configured on the routers, switches, or other administrations. #cyber-security #switches #cisco-technologies #routers

cyber-security cisco-technologies switches routers
Answer This

+25 Karma if successful
From: You
To: Friend
Subject: Career question for you
4

4 answers

1
Updated
Share a link to this answer
Share a link to this answer

Paul’s Answer

Hi Brandon,


Security matters everywhere in an infrastructure, at every layer, every node. There was a day where it was just "network security" and organizations relied on a firewall. Time has taught us the lesson that security, cyber security needs to be fulfilled by applying many methods throughout.


For example, ACL's on routers serve one form of protection, and edge port security features on a switch perform another. Some level of detection (i.e. hitting a "deny" rule on a router's ACL can trigger an alert) is available through these two means. But there can be so much malicious traffic that can get through using IP's and ports matching your "permit" rules. So what then?


A greater list of approaches to cyber security challenges would be far to exhaustive for this answer, but search online for "network security frameworks" to get an idea. You'll find functions - i.e. policy, protection, detection, response - and methods - i.e. router acl's, certs/pki, ids/ips, vulnerability tracking and patching - and more. I would advise against prioritizing vendor-specific marketing in these areas because it's easy to lose sight of fundamentals and emerging concepts when vendor literature is geared to have you gravitate more toward what they offer, rather than what you need.


As far as pursuing cyber security vs. management, that's a personal decision. I would say though, that if you were thinking of managing in a cyber security type of organization, just know that today's CISO's and other security management roles require actual security engineering experience.


A couple suggested frameworks to chew on:
https://www.nist.gov/cyberframework
https://www.pcisecuritystandards.org/document_library


Paul
Thank you comment icon I thank you for your answer, and in response: I will look into those links, have a wonderful day. Brandon
1
0
Updated
Share a link to this answer
Share a link to this answer

Chad’s Answer

We have entered into the era where security MUST be baked into every portion of technology - software, endpoints, network architecture, etc. In the not-so-distant past (and sometimes in the current world we live in), security has been an afterthought that was bolted on after a product was tested and rolled out operationally. This is why companies currently spend an enormous amount of money on security assessments and compliance-driven activities in an attempt to be secure and meet current security standards. Organizations are now demanding that security features are implemented at the beginning of a project, and for good reason - just take a look at the recent data breaches and ransomware attacks occurring in the news. On the network architecture side, this is why you must understand how to properly lock-down and secure devices such as routers and firewalls through mechanisms such as properly-tuned ACLs, IDS/IPS implementation, secured passwords, and disabling of unused services, just to name a few precautions.

I am glad Paul mentioned the PCI and NIST standards. I will leave you with another resource that is also used within the government world, and more specifically, the Department of Defense: https://iase.disa.mil/stigs/Pages/index.aspx
0
0
Updated
Share a link to this answer
Share a link to this answer

Glenn’s Answer

As the others have stated, security is not a service or product that can be added into a network. Security must be considered at every infrastructure, platform, software, and configuration change decision. There are tools that can abstract this to a more manageable level but for a network to be "secure" means to have the processes in place to incorporate security practices in an ongoing manner. I know this is a bit high level but with your networking background, you are primed to understand the infrastructure piece of security. Good cybersecurity managers will have knowledge the other pain points as well! e.g., application security, web security, client security, DLP, perimeter security (boundary), supply chain security, etc... just to throw a few terms out there for you to Google!
0
0
Updated
Share a link to this answer
Share a link to this answer

Mark’s Answer

As you can see from Security professionals who have already responded, security is everywhere. It's as necessary as power to the equipment. We are in an age where security is so vital, in every industry you can imagine. To take that a step further, your networking experience is useful in almost every walk of life, so being network savvy and security conscious is a great combination. As to your question, whether to be in management or cyber-security, try them both! You can then make a more informed decision.

0