WEBVTT

00:00.260 --> 00:07.040
There's an English phrase that says a chain is no stronger than its weakest link, which means that

00:07.040 --> 00:10.430
a group is only as strong as its weakest link.

00:10.460 --> 00:16.540
In networking terms, this holds the core, as discussed and explored in previous lectures.

00:16.550 --> 00:24.170
You, as a new network security expert need to identify and account for a single point of failure and

00:24.170 --> 00:30.470
implement a highly dependable process that will be put in place to mitigate such instances.

00:30.920 --> 00:36.140
We should also ensure that the appropriate controls are implemented around such suspectable resources

00:36.140 --> 00:39.800
of the network as per their risk profile.

00:40.760 --> 00:43.820
Continuous monitoring and improvement.

00:43.850 --> 00:49.820
Proactive network scanning should be implemented to hunt for unauthorized devices in the network and

00:49.820 --> 00:52.850
to monitor for suspicious activity in the network.

00:53.060 --> 00:58.820
This would ultimately lead to the requirement of a well defined incident response mechanism.

00:59.390 --> 01:07.050
Being a critical operational function in OC also needs to aim for continuous improvement concerning

01:07.050 --> 01:14.850
processes, approaches and turnaround time to showcase business outcomes and value creation.

01:14.880 --> 01:22.890
The major focus here is to verify whether all the deployments are accurate and operate as expected.

01:23.190 --> 01:31.720
The idea is to evaluate the actual versus expected levels of service delivery and performance.

01:31.740 --> 01:38.670
Now that we are familiar with the various network security concepts and their key components, next

01:38.670 --> 01:44.640
we will take a look at the systematic approach that organizations should follow for a comprehensive

01:44.640 --> 01:46.380
network security architecture.

01:46.620 --> 01:49.590
Due diligence and cyber resilience.

01:49.680 --> 01:56.760
An organization must have a cyber security program that aims to annually review the cyber resilience

01:56.760 --> 01:58.710
of the organization's network.

01:58.740 --> 02:01.530
This is important for various aspects.

02:01.890 --> 02:10.440
First, this ensures that the operations team is ensuring due care and due diligence across the network.

02:12.280 --> 02:18.460
This gives the leadership and operations team visibility into how the network has evolved over this

02:18.460 --> 02:21.580
period and what new changes have been made.

02:21.580 --> 02:29.890
So how they impact the network topology and how these changes the threat landscape from the organisations

02:29.890 --> 02:36.700
in terms of new threats and vulnerabilities, respectability that may stem from these changes.

02:36.730 --> 02:43.690
This also helps in mapping the relevancy of the security controls and level of compliance.