The article makes some recommendations, including knowing your network assets. In other words, knowing what is is on your network, and knowing if it is behaving as you expect, will enhance your security posture.
I add the following:
- Know your network's security posture. "Water seeks its own level." Nowhere will it be higher than its lowest point. Or if you prefer, "a boat is only as strong as its weakest rower." Network security is only as strong as its weakest component.
- Next, enforce existing security policies or remove them. Too many exceptions lower a network's security posture and makes managing its security nearly impossible.
- If you are relying on reviewing log files, and associated port- and site-blocking as an important part of your network security, then you have already lost.