theNet by CLOUDFLARE

Responding to “cyber war” headlines

Assessing and strengthening enterprise security

In 2023, the CIO of the Transportation Security Administration (TSA) said the U.S. was in a “cyber war”. The same day, a cybersecurity advisory from CISA and NSA Red and Blue Teams underscored major network security gaps leaving organizations vulnerable to cyber threats. Regardless of the country you operate in, as stewards of enterprise infrastructure and data, CIOs and CISOs should now scrutinize their environments for these prevalent pitfalls — and take prompt action to mitigate risks.


Authentication and authorization: Major gaffes to avoid

The advisory rightly calls out improper identity and access controls as a critical exposure. All too often, organizations make blunders like:

  • Failing to separate user permissions from administrator privileges

  • Implementing weak or bypassable multifactor authentication

  • Enabling excessive inactive session timeouts

  • Relying on static passwords through poor rotation policies

Mistakes like these enable attackers to move laterally and escalate privileges once inside the network perimeter.

By implementing context-aware access policies, security teams can limit the blast radius from the all too frequent problem of compromised credentials. With the right systems in place, admin permissions can be strictly controlled while friction for regular employees is minimized.


Protecting services exposed to the Internet

Nothing invites trouble more than serving internal resources over the public Internet without adequate access controls. Simple misconfigurations often grant unauthorized access to databases, file shares, backup systems, admin consoles, and other services, and attackers are all too eager to take advantage.

By implementing a unified control plane for external access and distributed denial-of-service (DDoS) protection, security teams gain consistent visibility and enforcement. They can take back control, and valuable data can be protected from prying eyes.


Improving visibility and implementing segmentation

Once malicious code or an attacker infiltrates the network, lack of visibility and segmentation enables unfettered lateral traversal. Security may be blind to connections between different environments like production, staging, and development.

Segmenting enterprise networks into logical trust domains containing related resources allows leaders to limit blast radius. Meanwhile, improved behavioral analytics helps security teams more readily detect threats inside the perimeter.


Shrinking the attack surface

Basic cyber hygiene remains essential — yet NSA and CISA’s warning shows organizations still struggle with tasks like patching vulnerable software in a timely manner. Modern platform-as-a-service offerings allow enterprises to reduce attack surface by running only the code required and isolating execution.

CISOs can shrink the external attack surface and limit potential damage from compromised code by isolating code execution and reducing excess exposed services, which squashes opportunities for attackers.


The path forward: Assessing and remediating risks

The vulnerabilities spotlighted by CISA and NSA provide an urgent reminder for CIOs and CISOs. Now is the time to thoroughly examine internal and external network exposures — and take action to address risks.

Here are six specific steps that CIOs and CISOs can take to remediate the risks identified:

  1. Conduct a thorough security assessment of your network infrastructure and applications. This will help you to identify any vulnerabilities that may be exploited by attackers.

  2. Implement strong authentication and authorization controls. This includes using phishing-resistant multi-factor authentication (MFA), enforcing role-based access control, and rotating passwords regularly.

  3. Segment your network into logical zones. This will help to contain the spread of malware and other threats in the event of a breach.

  4. Deploy a web application firewall (WAF) with DDoS protection to protect your public-facing applications and APIs from common attacks.

  5. Implement a zero trust security model. This means that all users and devices should be authenticated and authorized before being granted access to any resources.

  6. Use a cloud-based security platform with a unified control plane like Cloudflare to help you manage your security posture across your entire organization.


Strengthen network defenses

Cloudflare's robust connectivity cloud is purpose-built to help leaders address many of the highlighted security concerns holistically. By leveraging Cloudflare capabilities for implementing zero trust, improving network visibility and segmentation, securing internal applications and APIs, and reducing attack surfaces, organizations can meaningfully improve security posture across hybrid and distributed environments.

Rather than rely on point solutions in silos, CISOs can turn to Cloudflare as a platform for securing the entire enterprise, both on-premises and in the cloud. As stewards of business-critical infrastructure and data, modern IT leaders would be prudent to evaluate how best to mitigate the security gaps leaving them dangerously exposed. The moment to strengthen network defenses is now.

This article is part of a series on the latest trends and topics impacting today’s technology decision-makers.



Key takeaways

After reading this article you will be able to understand:

  • Cyber war affects organizations around the world

  • How to scrutinize vulnerabilities in enterprise infrastructure and data

  • 6 steps that CIOs and CISOs can take to remediate risk


