Robust internal network security controls are an essential aspect of an organisation’s security, limiting a malicious actor’s ability to cause real harm.
Historically, organisations have focused on securing themselves from external cyber threats. However, current best practice recommends a robust internal network with layered security controls to prevent an attacker from traversing the internal network.
Organisations solely concerned with securing their perimeter often leave themselves exposed once an attacker is able to breach the perimeter. Due to the advanced nature of threats today, a persistent and motivated attacker is likely to breach any network given enough time and resources. Failing to implement suitable internal network controls can leave organisations exposed once an attacker is able to bypass controls at the perimeter.
Securing internal network infrastructure in line with a ‘defence-in-depth’ approach, designed to increase the difficulty and cost to an attacker attempting to traverse the internal network, can reduce the risk that an attacker who breaches the network is able to achieve their goal.
Sources of internal attacks may also include disgruntled, malicious, or negligent employees, contractors and site visitors as well as external threat actors. These individuals are likely to already possess authenticated access to the internal network with varying levels of user privilege associated with their role. Testing can therefore be conducted from the perspective of an individual with similar access to the network as an employee to evaluate the risk posed by insider threats.