So, using the traditional castle analogy, what should you do to shore up your defenses if your castle walls are increasingly getting breached? What are the strategic choices? What kinds of new defenses and armaments are necessary?
To address this potential cybersecurity meltdown, CISOs face three strategic options for their cybersecurity strategies: maintain current course and speed while hoping for the best, pile on more of the same defenses, or change the paradigm by adding some totally new defenses. The third option appears to be the only logical alternative to address the challenge head-on and move towards a new and improved security model.
So what types of new approaches are required on top of existing defenses? In addition to traditional “converged security” and “defense-in-depth”, organizations must assume that cyber-criminals will penetrate their perimeter and prepare to protect their critical assets in several additional ways: a “zero-trust” approach and an “adaptive perimeter” approach are two key aspects. Ultimately, it’s the combination of these approaches all working in unison, not necessarily one particular approach, that will yield the most benefit in terms of risk management.
Zero trust approach
The zero trust approach has been advocated for several years now and protects valuable data and assets from the inside out. It’s basically a “trust no one” approach where you assume the traditional security perimeter will be breached, including all your “defense-in-depth” layers of security, and you need to protect what’s inside. Of course, this approach is also required for insider threats.
Some of the key requirements for a zero-trust approach include providing advanced data protection to all critical data assets, both at-rest and in-motion. This may involve encryption, data cloaking, data masking, and other forms of sensitive data protection such as secure communities of interest. Another requirement includes preventing lateral movement of malware within the IT environment.
Using the traditional castle analogy, what you’re doing is providing additional fortifications inside the castle walls as well as hiding your valuable assets with a security-by-obscurity approach so that only those with a need to know have access and visibility.
Adaptive perimeter approach
There’s been much talk about adaptive point solutions such as identity and access management, but what’s really needed is a more holistic, adaptive perimeter approach to dynamically re-define and re-configure the perimeter around vulnerable new attack surfaces.
Some of the key requirements involve protecting “new” IT assets such as cloud infrastructure, mobile devices, and the Internet of Things (IoT). The goal is to reduce the attack surface to inhibit more sophisticated forms of cyber-attack. The secure communities of interest and application wrapping approaches are a couple of examples of how organizations can effectively protect these new assets.