What is network security? A new model for protecting business

by Jeremy Legg, Chief Technology Officer, AT&T Business

It may seem hard to believe, but protecting digital data has been an issue since the 1970s. In 1971, Ray Tomlinson invented machine-to-machine electronic mail (email) for the Department for Defense network—the U.S. Advanced Research Projects Agency Network (ARAPNET).1 Soon after, a researcher named Bob Thomas created the first cyberattack through a self-replicating program, Creeper, to see if it could leave a trail between machines across ARAPNET. Unlike today’s viruses that destroy data, Creeper only displayed a message on the screens it infected. In response, Tomlinson invented the first antivirus, Reaper, which effectively neutralized the virus.2

Then in 1983 came the birth of the internet. Like email, it too was initially used only for military purposes. However, once the internet hit the public domain in the 1990s, cyberattacks—and the network security that tried to keep up with them—took on a life of their own with data-destructive behavior, challenging IT teams to combat threats.

Security solutions are often designed to address a specific need. For example, antivirus software protects a machine by scanning existing programs or incoming traffic for threats. More broadly, a firewall guards against unauthorized access to a network. As digital technology and its footprint continues to expand, there are more lapses at these endpoints. As a result, cybersecurity continues to evolve to address gaps with endpoint security. This protection includes cloud security, mobile security, and many others to layer cyber protections. Together, these layers equate to a comprehensive cybersecurity infrastructure that helps defend vulnerabilities that may expose data on a network.

While a multi-layered approach to security is essential, the core of all digitization is the network. For this reason, network embedded security must be the foundation for all security efforts. It’s important, though, to not look at security embedded into the network as simply replacing endpoint security, firewalls, and other valuable security products and services. These technologies can work in tandem to create “clean pipes”— real-time visibility into all the traffic crossing our network — which can detect the bad actors going both downstream and upstream. Think of this as a form of automated, low-touch remediation.

What is network security and why is it important?

Simply put, network security is a combination of people, process, policy, and technology that protects the business from both internal and external cyber threats. It simultaneously uses a layered approach to create a secure network environment that allows for productivity across the business.3

As the number of endpoints that access a network continues to increase, the access points for how an attack can enter the business increase as well. Mobile devices, Internet of Things (IoT) technology, and a host of other tools, machines, and applications all create potential entry points to the network. And it is all too well-documented that the damage from a cyberattack can be significant.

To put this into perspective:

  • From 2006 to 2022, the average cost of a data breach in the U.S. rose from $3.54 million to $9.44 million.4
  • From 2001 to 2022, the total damage of cybercrime rose from $17.8 million to more than $10 billion.5
  • Residual costs after a cyberattack include operational disruption, reputational damage, and the possibility of a 200 percent increase in insurance premiums or denial of coverage.6

These costs can cripple a company or put it out of business entirely. And while many publicized cyberattacks tend to skew towards the loss of money, the reality for a business is the loss of intellectual property from cyberattacks is growing and becoming all too frequent. Intellectual property attacks affect not only the business, but society and our communities. The impact can linger for months or years.

Of course, business leaders are aware of this and continue to invest more in cybersecurity. Here’s the question—how effective can the cyber tools be if the network is vulnerable?

To build a house you first need a reliable, secure foundation. Today, this secure foundation begins with fiber connectivity. This has changed the game a great deal since it’s not as vulnerable to cybercrime as traditional phone lines. However, with cybercrime continuing to escalate, network protection must evolve. For this reason, the very definition of network security is changing.

The biggest challenges of addressing network protection

Digital transformation has created many new opportunities for businesses. It enables greater efficiency, better productivity, more flexibility, and for companies to work faster and smarter than ever before. These benefits are the result of technologies like IoT, which creates and shares data in real time. Add to this artificial intelligence (AI) and machine learning (ML), which enable for more reliable automation, faster analysis, more convenient customer engagement options, and virtually unlimited other opportunities.

The result of this boon in technology has been the proliferation of endpoints to the network. These are generating, collection, sending, and receiving enormous amounts of data—access points and data that can be used to infiltrate the network. IT leaders are constantly trying to keep up with network security threats through not only cybersecurity tools and applications but employee accountability. It’s a lot to keep up with.

Next, we have system misconfigurations, including cloud misconfigurations. These are vulnerabilities that can cause several security headaches. They occur when security settings are implemented incorrectly or are not defined properly. The issue may not occur at the time of configuration, but over time, creating a configuration drift. In this case, the environment changes over time and fails to stay aligned with IT requirements. This can open the door to a security breach if additional precautions like encryption and controlling access are missed.

Another big challenge in network protection is staying up-to-date with tool, application, and software updates, which often include security patches. These updates are critical to keep pace with the latest cyberthreats. When companies or users delay or fail to run an update, it can create a significant risk to the business. It opens the door to ransomware attacks and a host of other cybercrimes.

In each layer of security, gaps can occur. Firewalls, antivirus software, password protections, and any others can all be vulnerable if they’re not cared for properly. IT teams may work to implement security patches, but that isn’t always enough.

Three types of network access requiring security

Addressing the vulnerabilities is a start, however, companies need to think beyond patching holes and implementing firewalls when it comes to their cyber defenses. Our many decades of experience suggest that three broad types of network access require protection from cyber threats.

First, there are physical business locations, including headquarters and branch offices, that must include secure, high-capacity network connectivity. Our multi-protocol label switching (MPLS) solutions  served this market well for many years. However, in more recent years, we’re seeing Software Defined Wide Area Network (SD-WAN) becoming the primary technological approach to defending one’s enterprise or business.

Second, there are the end-users working from anywhere and hybrid work has expanded this even further. These users are typically served by some form of virtual private network (VPN) solution. Security approaches for remote access range from heavy client-server VPN deployments, using underlying protocols such as IPSec, to lighter solutions integrated into the browser, using protocols such as Transport Layer Security (TLS), which is designed to provide cryptography on the internet. These approaches helped users cope with work style transitions prompted by the pandemic.

Lastly, there are the third parties who require access to their business customers. The need for B2B security became evident many years ago with the outsourcing of corporate functions to remote support teams.

How network security protects your data

Now that we know the three types of network access every organization must take into account in building and using the right cybersecurity approach, what should be done to remediate these challenges?

As a start, Zero Trust and Secure Access Service Edge (SASE) are useful for these types of network access. There’s a caveat, though—they require considerable adjustment to support the challenges of handling modern hybrid networks, legacy systems, mergers and acquisitions, and other unique one-off scenarios. Additionally, today many B2B connections combine VPNs with a wide range of older protections including IP source address filtering to dedicated connections. Authentication is provided using an identity and access management (IAM) tool.

We see the future of approaching network access challenges as a new model that is essentially a secure access network edge with five architectural zones.

  • The Customer Network zone includes the various use-cases listed above – namely, corporate offices, third-party suppliers, and end-users working from everywhere. We agree with the SASE model that access should be delivered using a smart edge, and our AT&T Business team has been innovating heavily in this area. This includes solutions that use virtualization and software-defined networking (SDN) to enhance the evolving edge.
  • The Access Network and AT&T Network zones are embedded into our service infrastructure. You can think of these components as being how we extend our massive network from a common internal core to broad geographic coverage for our global customer base. This is true for both wireless communications using 4G and 5G technology and for our world-class fiber infrastructure serving broadband connectivity to customers.
  • The Edge Locations and Cloud Interconnect zones support the device-to-cloud needs of our customers. Increasingly, businesses are moving from traditional physical data centers to a cloud-based architecture, where applications and workloads are the primary tools used to accomplish the organizational mission. AT&T has been at the forefront of connecting users to cloud since the invention of these capabilities.

This network and security convergence simplified secure internet connection implementations for organizations from small and middle-sized businesses that might not have a security team to large global enterprises that manage numerous remote locations, employees, and data in hybrid cloud environments.

Prioritizing network security

You don’t wait for a disaster to hit before making the proper investments in protecting your business. Cybersecurity challenges are becoming increasingly sophisticated, and networks are the foundation of security for any organization. Whether it’s a ransomware, phishing, or any of the countless other incidents often read about in the news, it’s become clear the traditional security approach needs to be revisited. You can’t build a perimeter around the enterprise and then constantly add a new box or capability based on the most recent threats.

When we think about the future of cybersecurity services, we like to think about a secured fence all around the parking lot outside of a football field to keep the malware and other threats out from the start. In short, embedding security into the network. Software-enabled features enable AT&T Business to combine security technologies into the network. This delivers active threat prevention and detection into the connectivity services, executed at its multi-service edge.

The security your network and business deserve

AT&T Business security solutions start with the network. You can trust that your business is safe from cyberattacks no matter how technology evolves or how you expand your customer base. We have been a connectivity leader for more than 147 years and continue to build on our decades of experience. And data security is entrenched in our DNA. In 1917, we invented the first unbreakable encryption for a Teletype machine. In 1988, we were among the originators of the packet-filtering firewall. And now we’re focused on developing a new model where security starts at the network.

We use the latest technologies, such as fiber, artificial intelligence, and machine learning to ensure your networks are reliable and secure. And while 5G is known for faster speeds, more reliability, and lower latency, it will also improve security as networks reach full compliance with 5G industry standards. It will offer more privacy for your identity and stronger encryption for your call. For example, when your voice and data travels from your device to a cell tower, it will stay confidential because it’s scrambled. Also, more and more, 5G is being run by smarter software. It relies on flexible software from an open community, not specialized hardware from a single company. Your call is routed through virtualized network nodes – switches and hubs that can be moved instantly from one physical computer to another. If there’s a problem, it can be isolated or patched quickly.

As a leader in cybersecurity with more than 1,000 security-related patents, our experts in AT&T Labs and across our Chief Security Office are hard at work developing this future model for both business and government. Pairing this with our experts that know your business better than anyone else in the industry, we believe this is truly setting a new standard for networking with security designed for today and tomorrow’s needs.

Why AT&T Business

See how ultra-fast, reliable fiber and 5G connectivity protected by built-in security give you a new level of confidence in the possibilities of your network. Let our experts work with you to solve your challenges and accelerate outcomes. Your business deserves the AT&T Business difference—a new standard for networking.

Learn more about AT&T Business networking solutions or contact your AT&T Business representative to connect with an expert who knows business.

“The First Computer Virus of Bob Thomas Explained,” History-Computer.com, November 30, 2022, https://history-computer.com/the-first-computer-virus-of-bob-thomas/
2Vikki Davies, “The history of cybersecurity,” Cyber Magazine, October 04, 2021, https://cybermagazine.com/cyber-security/history-cybersecurity
3Nick Calalanca, “What is network security? Network security technologies explained,” AT&T Business Cybersecurity Blog, November 4, 2020, https://cybersecurity.att.com/blogs/security-essentials/network-security-and-technologies-explained.­­­
4“Average cost of a data breach in the United States from 2006 to 2022,” Statista, Accessed May 31, 2022, https://www.statista.com/statistics/273575/us-average-cost-incurred-by-a-data-breach/
5"Amount of monetary damage caused by cyber crime in the IC3 from 2001 to 2022,” Statista, Accessed May 31, 2023, https://www.statista.com/statistics/267132/total-damage-caused-by-by-cyber-crime-in-the-us/
6“Seven hidden costs of a cyberattack,” Deloitte, Accessed May 31, 2023, https://www2.deloitte.com/us/en/pages/finance/articles/cfo-insights-seven-hidden-costs-cyberattack.html