Securing a network becomes more challenging when the enemies are deceptive, clever, and savvy snakes, but recognizing the gaps in their security strategies before the criminals do can help organizations minimize detection and response times.

I’m reminded of Macbeth, whose valor in war against Norway was rewarded with the title of Thane of Cawdor. In gratitude, Lady Macbeth encourages her husband to kill the king. She advises him, “Your face, my thane, is as a book where men/May read strange matters. To beguile the time/Look like the time. Bear welcome in your eye/Your hand, your tongue. Look like th' innocent flower/But be the serpent under ’t.” (Shakespeare, I.v.53-57)

The problem with a lot of breaches, especially those that are the result of social engineering, is that many of the attackers are just like Lady Macbeth. They know how to beguile the time. They phish like the innocent flower, but they are serpents indeed.

How, then, do organizations avoid the fate of King Duncan, especially when the extended network provides more opportunities for invasion?

Lysa Myers, security researcher at ESET, referenced the Target example, where hackers were able to break into the sales network through an HVAC company.

“HVAC should not give access all the way to the point of sale machine,” she said. Segmenting the network can prevent those types of breaches, as can encryption and risk assessment.

“It’s complicated protecting the network because it opens holes, so organizations need to develop a principle of least privilege. Access only what they need. The idea is to make it so that if criminals get in with one piece, they can’t access the whole puzzle,” Myers explained.

If they accept that there is a risk of being breached, companies can stop criminals who gain access into their network by zoning off access through segmentation.
There is no one single means of protection, though.

Organizations need to be deploying a balanced and holistic security approach with the right technologies and the right solutions in place before, during, and after an attack in order to safeguard their vital information.

“More businesses need to be aware of risk assessment. Without understanding what they are protecting against, they can’t build the best protection. Don’t go purchasing programs or creating policies without first understanding their risks,” Myers said.

Encrypting everything is another critical step toward creating stronger security. “Encrypt as much as you can, in storage and in transit,” Myers added.

Myers also pointed out that there are other pieces to the puzzle, including two-step authentication and user education, or awareness programs.

In reference to awareness programs, Zully Ramzan, chief technology officer at RSA, said, “Organizations should conduct exercises to see if the education is working. Look at initiatives and make them more targeted. Identify the employees with a higher propensity for compromises so that you can assess the risks, but I don’t think companies should over-invest in awareness programs.”

Analysis becomes one of the most useful tools in piecing together the most comprehensive strategies against and in response to attacks.

“Analytics are important in gaining insight and then leveraging action,” Ramzan added.

“Security is always about visibility and control. With the cloud it becomes more paramount to use visibility for being able to understand what’s going on across all IT points from end users to the cloud.”

The idea is that security is not about prevention, and focusing too much on prevention could open up greater risks.
In addition to building those perimeters of prevention, organizations also need to develop strategies for detection and response.

“Don’t inflate or conflate any of these comprehensive strategies,” said Ramzan. The idea that technology alone can protect against criminal attacks is wishful thinking, he said.

“Organizations need to move past prevention alone. Look at who received what, who clicked, and what happened. Monitoring response is essential.”

What’s important to consider is that the criminals who are trying to hack into the network are looking for ways to infiltrate despite the defenses that organizations are developing. The fundamental principles of a balanced approach that includes prevention, detection, and response include the best offensive and defensive tactics.

Security is no longer about protecting the perimeter to secure what is inside. Extended networks mean more connectivity, so the extended network needs to be protected.

“The network is critical for defending against breaches,” said Marc Solomon, Cisco’s vice president of Security Marketing, “but as the Internet of Everything (IoE) expands, there will be more devices, and the extended network includes everything from data centers to clouds to end devices.”

All of those pieces need to be considered in developing the strongest security.

If organizations are only looking at prevention, the attackers are looking towards where the organization is blind, said Solomon. Yes, the network is the core of an organization’s security, but they should be looking at it holistically.

“Nothing is an end all be all. We are all human and we will all make mistakes,” he said.

Spending money on awareness training is a good best practice because security is about a balance of prevention, detection, and response, Solomon added.

“Security is a series of attack vectors, on end users, and addressing that will help, but you’re not going to solve the problem solely through awareness training.”

Macbeth had murdered several men, including the king, before anyone suspected him of treason. That’s not to suggest a trust-no-one approach, but a recognition of the fact that people with malicious intent don’t advertise their criminal behavior. Thus, for most organizations, protecting their environments requires a variety of technologies.

“A lot comes in through email users, so you need something that secures email like advanced malware protection. Users might click on an unknown threat, and that unknown needs to be addressed. Advanced malware might be able to see the file, understand its behavior and block the threat based on certain characteristics,” said Solomon.

What are some technologies that can help in addition to advanced malware?

“Email security and web security on the network or the crawl ware service can reduce the time of detection and the time of response,” Solomon added.

Firewalls and intrusion-prevention systems that work together are other solutions that can be put in place to protect against attack vectors. “The whole security system—people, process, and security—is needed to secure your environment,” he said.