MANAGE

NETWORKSECURITY
Mirza Waseem
2

OVERVI EW
Network security is crucial in today's digital landscape to protect sensitive data and systems from cyber
threats. It involves implementing measures to secure networks, devices, and data from unauthorized access
or cyberattacks. In the context of Commonwealth Bank Australia, their network solution architecture includes
components like firewalls, IPS/IDS devices, and log servers to mitigate network attack issues effectively. By
using firewalls to filter traffic, IPS/IDS devices to monitor for suspicious activity, and log servers to track
network behavior, organizations can enhance their security posture and safeguard against external threats.
Additionally, having a well-documented incident response plan that covers preparation, investigation,
containment, detection, recovery, and lessons learned is essential for effectively responding to security
incidents in a structured and efficient manner. This proactive approach helps organizations like
Commonwealth Bank Australia protect their networks, data, and systems from potential cyber threats.
 SECURITY
In today's digital world, protecting our valuable data and systems is crucial.
This presentation will explore the importance of network security, common
threats, and strategies to keep your network safe. Security encompasses
various aspects, from physical security of devices to data protection and access
control. It's an ongoing process requiring constant vigilance and adaptation to
evolving threats.
4

WHY DO WE
NEED SECURITY
• Protects sensitive data (financial information, personal details)
• Prevents system disruptions (denial-of-service attacks)
• Maintains system integrity (ensures systems function correctly)
• Ensures compliance with regulations (e.g., HIPAA, PCI DSS)

Security in the context of network systems refers to the protection of data, systems, and networks from
unauthorized access. It involves implementing various measures to prevent, detect, and respond to security
incidents, such as data breaches, cyber attacks, and other forms of malicious activity. The importance of
protecting data, systems, and networks from unauthorized access cannot be overstated, as it helps to
maintain the confidentiality, integrity, and availability of information, as well as to ensure the continuity of
business operations.
 VULNERABLE

Everyone connected to a network is susceptible to security threats, regardless of their

size or industry. Cybercriminals target various entities, from individuals to large
organizations, seeking financial gain, access to sensitive information, or causing
disruption. Financial institutions like Commonwealth Bank Australia are prime targets for
cyber attacks due to the valuable data they possess, the critical services they provide,
and their high-profile status. Systems can be vulnerable due to unpatched software,
misconfigured settings, or insufficient network security protocols. It is crucial for all
entities to regularly update software, educate users on cybersecurity best practices,
implement strong access controls, and conduct regular security assessments to mitigate
vulnerabilities and enhance overall cybersecurity posture.
6 COMMON SECURITY
AT TA C K S A N D T H E I R
COUNTER MEASURES
Common Security
Attacks
o Malware
o Phishing emails
o Password attacks
o Social engineering
o Denial-of-service attacks
Counter Measures
o Anti-virus software, system
updates, user education
o Phishing awareness training, email
filtering, verifying sender
o Strong passwords, multi-factor
authentication, password manager
o Employee training, verification of
requests, be cautious of unsolicited
communication.
o Network security solutions, traffic
filtering, redundancy measures.
7
SECURITY PROCESSES
Preparation: Establishing Policies, Training, and Resources for Incident Response: Develop and document incident response policies, procedures,
and protocols to guide the organization's response to security incidents. Ensure that employees are trained on incident response procedures
and that necessary resources, such as tools and technologies, are available for effective incident handling.
Investigation: Analyzing and Determining the Cause and Impact of Security Incidents: Upon detection of a security incident, initiate an
investigation to identify the root cause, extent of impact, and potential consequences of the incident. Utilize forensic analysis techniques, log
analysis, and threat intelligence to gather evidence and analyze the incident thoroughly.
Containment: Isolating and Mitigating the Effects of Security Breaches: Implement containment measures to prevent the spread of the incident
and minimize further damage to the organization's systems and data. Isolate affected systems or networks, implement access controls, and
deploy security controls to mitigate the impact of the incident.
Detection: Monitoring and Identifying Signs of Potential Security Threats: Continuously monitor network traffic, system logs, and security alerts
to detect signs of potential security threats or anomalies. Implement intrusion detection systems (IDS), security information and event
management (SIEM) solutions, and threat intelligence feeds to enhance threat detection capabilities.
Recovery: Restoring Affected Systems and Data to Normal Operation: Once the incident has been contained, initiate the recovery process to
restore affected systems and data to normal operation. Deploy backups, restore system configurations, and apply patches or updates to
remediate vulnerabilities exploited during the incident. Verify the integrity and functionality of restored systems before resuming normal
operations.
Conducting Post-Incident Analysis to Improve Security Posture: After the incident has been resolved, conduct a thorough post-incident analysis
to identify lessons learned, root causes, and areas for improvement in the organization's security posture. Document findings, update incident
response procedures, and implement corrective actions to prevent similar incidents in the future. By following the incident response lifecycle
and implementing effective security processes, organizations can effectively detect, respond to, and recover from security incidents, minimizing
the impact on business operations and maintaining the integrity and confidentiality of sensitive data.
8

SECURITY PROCESSES
 COMPONENTS OF NETWORK
SECURITY
9

The components of network security play crucial roles in ensuring a secure network environment.
Here is a breakdown of the essential components mentioned in the search results:
Firewalls: Firewalls are used to filter incoming and outgoing traffic, blocking unauthorized access to
the network. They are positioned at the network perimeter to protect against external threats
Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS): IPS/IDS devices monitor
network traffic for suspicious activity, placed in the DMZ to detect and prevent attacks before they
reach the internal network
Encryption Protocols: While not explicitly mentioned in the provided text, encryption protocols play
a vital role in securing data by encoding information to make it unreadable without the correct
decryption key.
Each component contributes uniquely to network security by preventing unauthorized access,
detecting suspicious activities, and safeguarding data integrity. Firewalls act as a barrier against
external threats, IPS/IDS devices monitor and prevent attacks, and encryption protocols secure data
transmission and storage. Together, these components form a robust defense mechanism to protect
networks from cyber threats. By integrating these essential components into their network security
architecture, organizations can establish a layered defense strategy, mitigate security risks, and
protect their network infrastructure, systems, and data from various cyber threats and attacks.
10

MEET OUR TEAM

Mirza Waseem Mirjam Nilsson​ Flora Berggren​ Rajesh Santoshi​

 I recommend Commonwealth Bank Australia enhance its network security through a multi-
layered approach, integrating firewalls, intrusion detection/prevention systems, and encryption
alongside network segmentation to isolate critical systems and reduce attack surfaces. Regular
security training for employees, emphasizing awareness of phishing and social engineering
tactics, fosters a culture of security vigilance and accountability. Continuous monitoring tools
should be employed to detect and respond to security incidents in real-time, complemented
by regular security audits and vulnerability assessments to assess and update security
measures. Staying informed about emerging threats and promptly applying security patches
and updates ensures the bank's network infrastructure, systems, and data remain secure
against evolving cyber threats.

R E C O M M E N D AT I O N
 CONCLUSION
Our presentation has highlighted the crucial elements of network security management
for Commonwealth Bank Australia. We have emphasized the significance of
implementing a multi-layered security approach, including firewalls, intrusion
detection/prevention systems, and encryption, coupled with regular employee training
and awareness programs. Proactive measures such as continuous monitoring and
updating of security measures are essential to safeguarding against evolving cyber
threats. It is imperative for the bank to remain vigilant and adaptable to emerging
security challenges, ensuring the ongoing protection of its network infrastructure,
systems, and sensitive data. By prioritizing proactive network security management,
Commonwealth Bank Australia can mitigate risks effectively and maintain the trust of its
customers and stakeholders in an increasingly complex threat landscape.
THANK YOU