Extremely common, the amount varies but an average tens of attempts per minute is quite common
Still a common work practice in many businesses. Many kinds of threat can, for example, be copied or run from a USB stick
All inbound traffic is potentially hostile
Uncommon, but a very high risk, they can carry out many kinds of harmful activities given the opportunity
Attempts are very common and can be sophisticated, malicious web links in email and SMS for example still catch out the unwary
For example, smartphones could have been compromised elsewhere and start malicious activity when connected
This can be high risk because their activity will not be noticed unless their traffic is actively monitored. This is especially true for autonomous devices that do not run security software and do not get security updates
Internet gateways should be unified threat management devices, firewall only Internet gateways miss a critical opportunity to improve security
Security software running on devices at the edge of the network, such as anti-virus software running on a desktop computer, is diverse and in common use. Their most important limitation is that the threat must arrive at the edge device before this kind of security can be effective. For that reason, they should be considered the last line of defence
This is provided by security devices within the network.
Intra-network security is much less common, but a very important opportunity to control threats within the network.
Below are some advantages of intra-network security
Threats can be intercepted before they reach devices that might be compromised
Some network connected devices do not or cannot run security software; intra-network security is essential to prevent cybersecurity threats from reaching them and compromises spreading from them, particularly if they do not get security updates for their software
Intra-network security adds extra kinds of check to increase the chance of intercepting cybersecurity threats for those devices that already perform their own checks
More network traffic is visible to intra-network devices, giving them a better chance to block more threats
Devices and groups of devices can be isolated within a network to minimise the risk of compromises spreading
Dedicated intra-network security devices only run security software, so they are considerably less likely to be compromised than multi-purpose devices, especially user devices