Cyber threats have now grown to be so sophisticated that they can use one company’s network to infect another one. So, now it’s more important than ever to protect your assets not only for the well-being of your company but also for your business partners.
For this reason, we talked with the CEO at Network Perception – a company that offers network audit and compliance software – Robin Berthier, about how network visibility can improve a company’s cybersecurity posture and what are the most prominent threats to look out for.
Tell us about your journey throughout the years. How did the idea of Network Perception originate?
Network Perception started as a research project funded by the Department of Energy and the Department of Homeland Security at the University of Illinois. The initial research consisted in formally verifying that organization-wide network access policies were correctly implemented by distributed local firewalls.
The founding team worked closely with industry partners for years to understand their challenges and develop the next generation of network verification and visualization technology. This technology was packaged into a desktop application called NP-View that has the unique capability of being lightweight and robust, providing compliance and security teams the fastest way to verify complex firewall rulesets in minutes rather than days. The application was adopted by the North American Electric Reliability Corporation, NERC, which is the regulating body for the electric industry in North America, to conduct their Critical Infrastructure Protection audits.
NP-View evolved as an on-premises server-based solution to enable organizations to transition from a point-in-time review of their critical network into continuous verification and visualization through automated workflows. Today, NP-View is available in three editions: NP-View Essential, NP-View Professional, and NP-View Enterprise.
Can you introduce us to your NP-View product? What are its key features?
NP-View is a software solution designed to secure critical assets with intuitive, proactive, and continuous network segmentation visualization and verification. Its key features are:
- Working offline, as it only requires copies of network device configurations to run
- Providing instant network topology visualization without having to connect to the network
- Producing instant network risk assessment by identifying incorrect network segmentation and overly permissive accesses.
The network visualization is highly intuitive and interactive to provide value to both technical and non- technical users. It also simplifies the firewall review process by unifying ruleset representation across all major firewall vendors.
What are the most common threats carried out via insecure networks?
The insecurity of networks increases risks in two ways. First, it exposes vulnerable assets to malicious actors. Second, it enables adversaries to conduct lateral movement by pivoting from one compromise asset to the next to expand their reach into the most critical zones of the network. The exposure and the expansion can be mitigated by adopting a principle of least privilege, which means segmenting networks and only permitting access to specific applications and services on a need-to-know basis.
Have you noticed any new threats emerge because of recent global events?
Two prominent threats, ransomware and supply-chain attacks, have significantly increased recently. There has been an inflection point in 2018 when the number of ransomware attacks against critical infrastructure accelerated and culminated in 2021 with the shutdown of Colonial Pipeline operations for 5 days. This is the result of adversaries perfecting their technique to generate profit from cyberattacks, and the realization that targeting industrial facilities led to higher probabilities of getting ransoms paid. The risk of supply-chain attacks became a real concern when the world discovered that 18,000 organizations had been compromised through an infected release of the SolarWinds network management software. The level of sophistication that enabled malicious attacks to compromise the built environment of a large software manufacturer was unprecedented.
In your opinion, why are certain companies still unaware of the risks hiding in their own networks?
Depending on the level of cybersecurity maturity of an organization, networks and the configuration of network devices are either left as plug-and-forget, which means nobody pays attention as long as it works, or left to the purview of a single team who is in charge of everything, from provisioning to maintaining and securing. The result is a pervasive lack of visibility into network architecture and access policies, which leads to a lack of risk awareness. The first rule of network security is that we cannot protect something we don’t know we have to protect.
Tell us, what’s next for Network Perception?
This is an exciting time for Network Perception because we are expanding in three directions. Firstly, we are transitioning from a project-based audit application into an operational cybersecurity verification and visualization platform.
Secondly, we are building partnerships with leading security vendors to enrich the NP-View visualization map by ingesting and representing endpoint and vulnerability data through an open API.
Finally, we are announcing new editions of our product this year with the introduction of NP-View Essential, NP View-Professional and NP-View Enterprise to better support critical industries through all stages of cybersecurity maturity.