The safety of the network I think depends on the use of a network. Technically a wire between two computers is a network, and it would have different safeguards in place then say interconnecting resources across several different regions, availability zones, and cloud providers. But generally speaking I think the best approach to make a cyber network safer is a layered defense, or defense in depth approach. The skin of the onion would be security monitoring and incident response. You can put all the policies, procedures, and controls in place but unless you monitor for the effectiveness, identify when they fail, and are constantly are vigilant for new things that you didn’t account for then they are all worthless. You need to select a set of standards and controls that you are going to apply to your network and ensure adherence to them. There is no one size fits all to this step so once you’ve selected the standard, you need to tailor the controls for your specific environment. You need to ensure that you have knowledgeable, well trained, and engaged engineers working to make your network safer. Your network is only as good as the people engineering, administering, and overseeing it. From there you start at the perimeter with your technical controls such as firewalls, IDS’s and IDP’s, DLP protection, DMZ’s, and content filtering. You want to make sure your wall is as strong as possible and only allows in what you want and just as importantly doesn’t allow anything out that you don’t want either. Then you want to make sure you secure all the endpoints within your cyber network. That includes patch management, host based IDS’s and IDP’s, host based firewalls, and antivirus protection. Then you want to make sure the applications within your cyber network are as safe as possible. That includes both custom code that has gone through stringent code scanning, code reviews and is digitally signed. It also includes COTS products that have gone through a thorough risk analysis, who have good vendor security support, and are kept up to date with regularity. You also want to make sure you secure the medium that that your data is traveling over. That means either your wireless protections or hard wired cable protections and physical security is in place to keep it safe. You also what to keep your data in transit safe by way of using secure protocols and encryption mechanisms in order to protect the integrity and confidentiality of your data. Then you want to keep your data at rest on the network safe, again using encryption to protect your data. Lastly the most important and often over looked way to make cyber networks safer, is to educate the users that will be utilizing these networks. It’s not the threat from the outside that we fear the most, it’s the threat from the inside that can cause the most damage.