Introduction: Can Network Blueprints Help Reduce Cyber Risk?

This is the introduction to a series of guest blogs written by TAG Cyber analysts in conjunction with our colleagues at Cynamics. This five-part blog series focuses on how accurate, full visibility into an enterprise network environment is vital to proper cybersecurity and risk reduction. The blogs explain how most organizations have a weak understanding of their complex network architecture and infrastructure. Security start-up Cynamics is shown to offer an effective solution for creating a network blueprint that can be used as the basis for cybersecurity management.
Any professional engineer will attest to the obvious value of an accurate blueprint for whatever
system, structure or resource that is being constructed or maintained. Civil engineers, for
example, would never dream of making any consequential structural decisions about a bridge
or other major structure without consulting blueprints that show the shape, size, dependencies
and other quantitative aspects that influence functionality and safety.
In sharp contrast, network engineers and security professionals rarely include detailed
blueprints about the distributed systems they are asked to maintain. Certainly, rough sketches
or inventories often exist, perhaps with addressing information, broad domain settings and
high-level topological drawings. But the types of details that would be required to make proper
security decisions about a complex network are rarely available in an accurate blueprint.
This missing element in the toolkit for network security teams stems primarily from the
challenge of complexity. No security expert would claim to not want or need an accurate
blueprint, but most would accept the excuse that such blueprints are unavailable due to the
highly complicated aspects of a typical network. A key reason for this is the significant
differences between one network and another in their size, data volume, applications, top-
talkers and architecture, to name just a few. While this observation might be correct, it does
not reduce the need for accurate blueprints. Networks are too diverse, but what about their
patterns?
In this series of blogs from the TAG Cyber analysts, we introduce the idea that network
blueprints are not only necessary but are now feasible to create by leveraging advanced AI and
deep-learning technologies for the first time. The blogs explain how a blueprint would work and demonstrates such capability using the commercial solution from security start-up company Cynamics, which offers a network blueprint option for enterprise customers.
Dr. Edward G. Amoroso
Chief Executive Officer, TAG Cyber LLC
Research Professor, NYU
August 11, 2022