The security perimeter has faded. Old defenses for environments can no longer be relied upon to ensure an organization’s protection from rising threats. It’s a vanishing security perimeter. To clarify, those are pretty definitive statements, with sobering implications. But, as any prudent patient would say, “I’m going to get a second option on that.” That’s what we did in “Borderless Behavior Analytics – Who’s Inside? What’re They Doing?”
The Borderless Behavior Analytics Contributors
One of the contributors to the book, Jerry Archer, CSO from a major financial services company, observes: “The reality is that the perimeter will shrink to one individual, one application, or one small set of applications.” Another contributor, Uber’s CSO, Joe Sullivan, sees the security problem from a somewhat different perspective, nonetheless with the same implications: “The challenge is that the applications are fragmented all over the place, and employees are fragmented in dispersed locations as well.” The shift in developing security strategies that requires the support of borderless hybrid environment is considerable. The initiative begins with identifying and defining the constituent elements of a problem to help build a solution.
Past CIO of the U.S. Department of Defense, and CIO at Large, Teri Takai begins that process by asking these questions: “What is the perimeter? What’s protecting the perimeter? Is that protection effective?” In her chapter she notes, however, that the majority of environments today are building in an age of what is quickly becoming a legacy technology. And that “…network architects… could in no way anticipate, or account for, the sophisticated access and staggering data volume that IT organizations face today.” In a world of the vanishing security perimeter, security solutions need to have an evolutionary element to them, to keep pace with the changes in technology and hacker innovation.
A New Paradigm of Security is Necessary to Protect the Vanishing Security Perimeter
Contributor Robert Rodriguez, founder and CEO of the Security Innovation Network(™) (SINET), however, offers a cautionary observation. “A number of organizations today… are inclined to throw headcount at a challenge like this. That’s simply the wrong approach…” In addition, he notes: “Only solutions with advanced analytics, powered by machine learning and leveraging big data for context, can provide the visibility into identity risks and the monitoring of user behavior for unknown threats that is needed across all of an organization’s hybrid cloud environments.”
But why machine learning? Past CISO for Juniper Networks and Sun Microsystems, Leslie K. Lambert depicts a common scenario. In Borderless Behavior Analytics she discusses hackers in today’s environments: “Without machine learning, normal patterns of discovery and response cycles for this type of attack would be in the range between months and years…” She also adds: “If it’s not a normal condition, it’s an anomaly, and machine learning will uncover it…”
These security leaders, in recognizing the problem, and the challenge, were also striving to develop reliable solutions. Therefore, they had to work within their own unique and demanding environments, each with their own requirements and use cases. Similarly, Carnival Corporation’s Gary Eppinger shares this in his chapter: “Because of this wide-scaled hyper-hybrid environment, with increasingly high data volume to analyze, we needed big data and behavior analytics to find those weak links.” Monsanto’s CISO Gary Harbison puts it this way in his segment: “In this new normal of the hybrid cloud, machine learning and big data are essential to deliver accurate and timely insights to the security analysts.”
Pick Up a Copy of Borderless Behavior Analytics
In conclusion, we value these ‘second opinions’. They have helped us define our strategies for contributing to the next generation of behavior analytics. We encourage you to seek your own second opinions. In the process, consider one of those sources to be “Borderless Behavior Analytics – Who’s Inside? What’re They Doing?” It’s time we all had a better undestanding of the vanishing security perimeter.
Web page: Borderless Behavior Analytics