Security Magazine logo

Firewall hardening – A critical business need

By Eric Jeffery
January 17, 2022

Firewalls remain a critical component of network perimeter defense. These devices guard the gates of corporate enterprise networks. More advanced organizations also deploy firewalls inside their internal networks to prevent lateral movement by intruders.


Enterprises globally must harden existing firewall configurations; this is a non-negotiable activity. Over time, firewall configurations experience a “drift” between what the business requires and what has become obsolete. Organizations rarely hesitate to place new objects and rules in their firewalls, but they rarely review and remove outdated components. Enterprises must regularly evaluate what their firewalls do, why they do it, and, most importantly, whether these devices should continue in their status quo.


Legacy firewall objects and rules increase threat vectors for organizations. As seen with the Capital One breach in 2019, a misconfigured web application firewall allowed a disgruntled former AWS employee access to critical data. This type of breach cannot happen with organizations that routinely “care and feed” their firewall deployments. Organizations, large and small, experience day-to-day operational changes impacting network and information security. Utilizing critical technologies that compare current configurations with existing application use and network traffic reduces threat vectors and enhances corporate defensive posture.


When organizations add devices, applications, or network segments, they ask the firewall administrators to enable traffic. This “commissioning” procedure usually goes through a change management process and potentially an architectural review board. Creation has a process. This absolutely improves security through review and human interaction.


Sadly, decommissioning rarely receives equal attention in either process or people. As a result, firewalls grow and grow, with rarely a question asked as to where an organization’s current status sits from a business need or security perspective. Firewalls that experience configuration “drift” boost the threat of breach and data loss.

Business leaders should understand and address this critical lack of security within corporate and government networks.


Technologies exist that help organizations remove outdated rules and objects. Newer technology exists to scan environments and identify what traffic resides in the network.


Powerhouses lead this burgeoning sector. CIOs, CISOs and even CEOs and CFOs need to know this technology exists. These tools are not a “nice to have”; they are a “must-have.” No one should believe firewall configuration review, auditing, and especially application analysis are secondary requirements. Both networking and information security teams must work with executive leadership, risk management, and application development to understand the current state. After clearly knowing what the firewall configuration looks like, analyze existing environments. Finally, perform gap analysis, then clean up and remediate outdated objects, rules and other associated components in the environment.
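The gap analysis described above, sketched as an added example (not from the article or from any vendor's product): it replays constructed flow records against a constructed rule base and lists rules with no observed traffic, rules shadowed by an earlier rule, and traffic no rule permits. The rule format, field names and addresses are assumptions made for illustration; all rules are treated as allow rules evaluated first-match.

```python
import ipaddress

# Constructed rule base, evaluated top-down (first match wins); format is assumed.
RULES = [
    {"id": "r1", "src": "10.1.0.0/16", "dst": "10.2.5.10/32", "proto": "tcp", "port": 443},
    {"id": "r2", "src": "10.1.0.0/16", "dst": "10.2.9.20/32", "proto": "tcp", "port": 1521},
    {"id": "r3", "src": "10.1.4.0/24", "dst": "10.2.5.10/32", "proto": "tcp", "port": 443},
    {"id": "r4", "src": "0.0.0.0/0", "dst": "10.2.7.0/24", "proto": "tcp", "port": 22},
]

# Constructed flow records: (source, destination, protocol, destination port).
FLOWS = [
    ("10.1.4.7", "10.2.5.10", "tcp", 443),
    ("10.1.8.2", "10.2.5.10", "tcp", 443),
    ("10.1.9.9", "10.2.7.15", "tcp", 22),
    ("10.1.9.9", "10.2.7.15", "tcp", 3389),
]

def net(cidr):
    return ipaddress.ip_network(cidr)

def matches(rule, flow):
    src, dst, proto, port = flow
    return (ipaddress.ip_address(src) in net(rule["src"])
            and ipaddress.ip_address(dst) in net(rule["dst"])
            and (proto, port) == (rule["proto"], rule["port"]))

def covers(earlier, later):
    """True if every packet the later rule matches is already caught by the earlier one."""
    return (net(later["src"]).subnet_of(net(earlier["src"]))
            and net(later["dst"]).subnet_of(net(earlier["dst"]))
            and (later["proto"], later["port"]) == (earlier["proto"], earlier["port"]))

def gap_analysis(rules, flows):
    hits = {r["id"]: 0 for r in rules}
    unmatched = []
    for flow in flows:
        rule = next((r for r in rules if matches(r, flow)), None)
        if rule is None:
            unmatched.append(flow)      # traffic the rule base does not allow
        else:
            hits[rule["id"]] += 1
    # A shadowed rule can never match, so it is reported separately from unused rules.
    shadowed = {r["id"]: e["id"] for i, r in enumerate(rules)
                for e in rules[:i] if covers(e, r)}
    unused = [rid for rid, n in hits.items() if n == 0 and rid not in shadowed]
    return {"hits": hits, "unused": unused, "shadowed": shadowed, "unmatched": unmatched}

if __name__ == "__main__":
    for key, value in gap_analysis(RULES, FLOWS).items():
        print(key, value)
```

A rule with zero hits is only a candidate for removal: the observation window has to be long enough to cover infrequent jobs, and removal should go through the same change management process as commissioning.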


While firewalls are as old as networking, unfortunately, as I’ve written before, we are where we have always been. Vendors are helping solve an age-old problem and enabling organizations to move forward to the next level of security. These companies provide key capabilities around firewall management, auditing and automation. Some vendors go one critical step beyond because they have a newer application-centric mindset. This perspective led to the creation of technology that enables discovering, provisioning and decommissioning connectivity for business applications. For organizations looking to substantially increase their security maturity in the networking space, this application scanning capability is second to none. Network security must reside at the forefront of business leaders’ security mindset; they can no longer sit back and think that firewall review is a secondary consideration.


FireMon reports that by 2023, 99% of all firewall breaches will be caused by misconfiguration, aka human error. One powerful example of human error in networking involved a massive Internet outage when a Cloudflare engineer made a configuration error in their backbone network. Utilizing tools that automate this capability substantially reduces human error-related outages and breaches. Some vendors excel with application scanning and comparing actual traffic to firewall implementations. Other vendors enable organizations to automate their security policy. Both of these organizations add extensive value to corporations and governments alike. Business and security leaders in organizations must utilize these technologies and capabilities. Hardening networks and firewalls should rise to the top of the agenda for organizations serious about information security.


Too often, organizations view security, particularly firewall management, as an optional technology. Routinely when discussing security solutions with customers, I hear, “we have other priorities.” They tell me firewall review “is not important.” After bringing in my 30+ years of experience and explaining what IBM and I see in the field, customers open up to hearing new ideas. If we do what we’ve always done, we will get what we’ve always had. As I’ve written before, something has to change. Breaches continue getting worse, as we just saw with the Apache Log4j vulnerability. Organizations spend more and more money paying ransoms or funding insurance premiums. Business leadership must shift the mindset to post-breach recovery mechanisms and place ideation within the prevention, a la firewall configuration management.


As I discuss in my talk on Business Leadership and Cyber Security Integration, senior leaders must engage. Risk management, CFOs, CEOs and even board members need to participate in the cybersecurity dialog. Understanding the risk in firewall misconfigurations and acting is a good start for entities that require security enhancement. Enterprises must understand that firewall analysis, audit and alignment with application traffic takes precedence over other security projects currently staged for deployment.

KEYWORDS: cyber security firewall protections firewalls risk management


Eric Jeffery has nearly 30 years’ information technology experience with over 20 years’ in cybersecurity. Mr. Jeffery currently works as a Sr. Solutions Architect for IBM Security. He has published dozens of articles, presented at numerous conferences, and has a patent filed for a novel cybersecurity defensive maturity model. Mr. Jeffery runs a Podcast under the moniker Cyber Security Grey Beard to help students and early professionals learn, grow and advance in the information security profession. He lives outside of Denver, Colorado with his wife and has four grown children.

Copyright ©2025. All Rights Reserved BNP Media.
