Is your network facing IoT, Cloud and Mobility risks? | Nov16 Newsletter
Any measured look at the headline-making cyber breaches of the last few years makes it clear that corporate and government systems are under attack.
Deflecting the variety and ferocity of these assaults is becoming more difficult, yet organizations' first response to so many problems is to insist on building bigger, sturdier walls guarded by the digital equivalent of medieval sentries. Taller, stronger walls will not solve everything; in fact, this "solution" only provides a false sense of security.
"Perimeter defense," as this approach is known, isn't what it used to be because the perimeter itself is changing. From the Internet of Things (IoT) to the cloud and the growing influence of smartphones and tablets, the perimeter extends from the office to the employee’s pocket. Defending it requires a new approach.
A world without walls
Boundary-less networks are problematic for all sorts of reasons. For security pros, the biggest problem with cloud-centric computing is that it's difficult to plot—and subsequently protect—the physical journey of the data that matters most to companies.
Contrast this with 20 years ago when most networks had defined borders. Gateways would stand in front of routers monitoring traffic as it made its way beyond the firewall, which acted as a sentry. Anything that didn't look or act secure wouldn't get in, or out; firewalls and intrusion detection systems made sure of it. This is no longer the case.
Think of the sales manager working in the field each month. Chances are he'll spend at least some time on the road working in applications that have been created to make his on-the-go job possible. In the process, he'll have opened a tunnel between his device, the closest available Wi-Fi hotspot and the company's corporate network. A single breach anywhere along the journey could expose sensitive data that can impact a company's bottom line.
From secure perimeters to secure data
Enterprises must think like the bad guys. They have to recognize that every new piece of equipment and every new app has potential exploits. Adding nodes amplifies that weakness, which is why attackers welcome the acceleration of today's IoT- and mobile-driven world.
The reality is, no matter how perfect security might appear, the growing influence of IoT and mobile data access guarantees that most enterprises will use applications that are exposed and open to the world. This makes them a natural target and forms a new, complicated perimeter that's much tougher to defend.
But it can be done. Organizations need a new approach that combines multiple facets, shifting the focus from guarding networks to guarding data and the applications that produce it. Here are three ways to accomplish that:
- Build security in from the get-go
Applications are the target in 80 percent of successful breaches today. Why? Because too many developers treat security as an afterthought, leaving it to the user or network administrator rather than building it in from the get-go. That must change. By embedding security into the development process, companies can ensure that networks and data are better protected from attackers. Integrating DevOps and security teams lets the two work in parallel, with security features added as core code is written. This streamlining also lends itself well to frequent updates, making it easier to patch vulnerabilities as soon as they're discovered.
- Encrypt the full life cycle
With no physically defined perimeter, and more interactions with systems and networks well beyond the reach of most enterprises—the public cloud, for one—attackers have never had more chances to steal corporate data. Encrypting it both at the source and while in transit ensures any leaked information isn't so easily exploited. There's also peace of mind in knowing that when an inevitable network breach happens, encrypted data is effectively useless to the miscreants attempting to harvest it.
- Turn data into actionable insights
Enterprises receive enormous volumes of data about the activities of individual users each day. Advanced security information and event management (SIEM) systems, security analytics and data mining tools are helping enterprises of all sizes sift through the noise and spot unusual patterns that may represent a breach in progress. Even when there isn't a breach in progress, checking the data can help identify risks and remediate vulnerabilities before it's too late.
Therein lie the keys to security in the new boundary-less world. Rather than exert control at the perimeter, as has been done in the past, enterprises must use new and diverse methods to keep data safe. That starts with DevSecOps for better application-level security, since applications are where users and attackers are focusing most of their efforts today and for the foreseeable future.
Smart encryption and better analysis are also imperative and entirely within our control. Enterprises should use all of these strategies in combination to keep their information safe. Strong firewalls, smart intrusion detection systems and good anti-virus software, while still relevant, are no longer enough.