Securing a business network has never been easy, but the task is becoming increasingly more difficult.\nYears ago, there was a single ingress\/egress point to get into the network. The delineation between what was public and what was private was obvious.\nToday, that\u2019s all changed. The rise of mobile devices, Wi-Fi access points, cloud applications and software-defined everything has increased the number of entry points into a company from one to tens, hundreds or even thousands for large organizations. For example, it\u2019s common for a worker to connect to some kind of \u201cfree\u201d Wi-Fi network when travelling without having any idea who might own that network, browse the web and infect their mobile device.\nIn fact, ZK Research studies have shown that about 1 percent of all mobile devices used for business purposes are infected today. The worker then comes back into the office, attaches the device to a company access point and spreads the malware across the company.\n\nThis creates what I call the \u201csecurity asymmetry\u201d problem. Security professionals need to secure an increasingly larger number of entry points, but the bad guys need to find only one way in\u2014and the problem is getting worse as network security becomes more complicated.\nI recently hosted a webinar on this topic with Jeff Harris, senior director of security solutions at Ixia, and Glenn Chagnot, director of visibility products at Ixia. The goal of the webinar was to help security professionals understand how network visibility can be used to reverse this security asymmetry problem.\nDuring the event, we asked several poll questions to get a sense of where the audience is today with respect to the topic. The first question asked: \u201cWith all the tools you have today to secure your data, compared to five years ago, do you find security to be easier to implement, about the same or more complex?\u201d Seventy-one percent said \u201cmore complex.\u201d This should be no surprise, as the average number of security vendors a company works with today is 32, according to ZK Research.\nWe asked a follow-up question: \u201cWhich technologies create the biggest blind spots?\u201d And the top two responses were \u201cencrypted traffic\u201d (50 percent) and \u201cInternet of Things\u201d (33 percent).\nAgain, those results aren\u2019t shocking, but they do foreshadow more problems ahead. Over the past five years, the amount of encrypted traffic has gone through the roof, as it seems almost every website and cloud application is encrypted.\nWith respect to the Internet of Things, the industry is still in its infancy. And when it comes to the number of connected endpoints, as Bachman Turner Overdrive said, \u201cYou ain\u2019t seen nothing yet.\u201d We are on the verge of connecting literally everything to the company network, which will increase the number of entry points and attack surfaces by orders of magnitude and make the asymmetry problem even more acute.\nNetwork visibility key to addressing security asymmetry problem\nReversing this challenge may seem like an impossible task, similar to the Boston Red Sox reversing the curse of the Bambino. However, the latter was overcome, proving anything can be reversed, and the technology now exists to reverse the asymmetry problem and even swing it in the good guys\u2019 favor. The key is network visibility.\nWith end-to-end visibility, a business can build a baseline of what \u201cnormal\u201d traffic looks like. Any deviation from this would warrant investigation from the security team. In the example I gave of the mobile professional, the norm for that worker could be to connect to the email server, web server and perhaps an internal application. When infected, the device may also connect to something that is not normal for that user, such as the accounting server. At that point, the device should be quarantined and the investigative process started. Even if the malware uses some kind of advanced sandbox evasion technique, it will eventually create traffic patterns never seen before.\nNow the asymmetry problem can be reversed. Once the network has been breached, the malware will want to spread across the organization, creating a large amount of unusual traffic. For the malware to be effective, all of this new traffic needs to stay hidden, but the security team just needs to find one instance of it to isolate it and eliminate it. Advantage security team.\nThe last question we asked the audience was about their concern regarding network security after the webinar compared to their thoughts on the subject when the event started. Half of the attendees said they were more concerned. It\u2019s OK to be more concerned. In fact, everyone should be. But before you add that 33rd security vendor, make sure you have the visibility tools in place to quickly find breaches so those security tools can actually do what they are designed to do.