When talking about the latest “worst breach ever” event, people usually use words like “sophisticated” or “complicated.” And while there is no doubt that cybercriminals have come up with more sophisticated and complicated schemes to steal valuable information off the network (anybody’s network), they tend to rely on rather simple entry points: operating systems and software that aren’t patched or upgraded; simple passwords and authentication methods; an employee who has improper access to data. Securing the network alone is not enough.
Yet, while cybersecurity threats and points of entry have evolved over the years, the way organizations approach cybersecurity hasn’t changed much at all. IT departments still tend to put the primary focus of cybersecurity controls on protecting the network perimeter, but, as some of the most high-profile breaches have shown, securing the network alone is no longer getting the job done.
“Securing the network alone was the solution to IT security 10 years ago,” says Sungard Availability Services’ Matthew Goche. “Today’s paradigm includes B2B connections, mobile networks, offsite storage, recovery, data warehousing, cloud computing, SaaS, social media, and the list goes on. With all of this happening, there is no legitimate perimeter anymore.”
For this reason, “Security control frameworks and best practices should be broadened out to include web security, end node security, and data security,” Goche adds. However, many organizations are still focusing on network perimeter security when building up their security program.
That’s because the widely held belief in cybersecurity has been that the focus should be on keeping outsiders from getting inside. But incidents like the Sony breach or the Edward Snowden revelations have shown that protecting the perimeter isn’t going to do a thing about keeping insiders from doing serious damage.