In their whitepaper, Rory Ward, site reliability engineering manager, and Besty Beyer, technical writer specializing in virtualization software for Google SRE, wrote "The perimeter is no longer just the physical location of the enterprise, and what lies inside the perimeter is no longer a blessed and safe place to host personal computing devices and enterprise applications."
In theory, this rip and rebuild approach to protecting data by completely redesigning the infrastructure to eradicate human error is an idealistic goal. The reality, said Jeremiah Grossman, is that, "only when a system is built and has value can we examine what works."
While they continue to search for ways to protect and defend their data, organizations need to know that they can survive an attack with little to no damage by installing trip wire policies, like honeytokens, which work like silent alarms, said Grossman.
Grossman likened the functions of honeytokens to being granted full access to rob a bank with only limited time. "I'm not going to get all the money," he said. Trip wire systems that alert network administrators to suspicious behavior allows for earlier detection which can stop criminals from accessing everything.
The final lesson, and the most important one, is that there is no shame in being breached. Yes, there are consequences, but there is no magic impenetrable security gate. "If you're out there on the internet you've been breached. The same attacks are going on across multiples. Share information with each other without giving proprietary information to competitors," said Bailey.
Sign up for CIO Asia eNewsletters.