Breach prevention is dead. Long live the 'secure breach'

By Tsion Gonen, chief strategy officer, SafeNet, special to Network World
October 29, 2012 05:21 PM ET

Network World - This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

Every defense paradigm has a finite life span and the IT industry's breach prevention paradigm, which is based on perimeter technology designed to keep the bad guys out, is completely out of step with today's threat landscape. It's time to move on to a new era: the "secure breach" era.

Think of this in terms of military defenses. Body armor, once the firewall of combat capable of defending against rocks and arrows, quickly became obsolete with the introduction of simple firearms. In World War II, aircraft carriers made battleships obsolete and today, stealth technology is making conventional radar obsolete. Offensive weapons are developed and perfected with the sole purpose of defeating the status quo defense.

Breach prevention has been the status quo for years, and it is as helpless against today's new threats as armor was against firearms. People, however, are resistant to change. It is frightening to abandon the ways we've always done things, even when moving on is obviously the right thing to do.

To revisit the military metaphors, World War I clearly showed that machine guns, artillery and barbed wire made cavalry charges obsolete. And yet, every major military in the world maintained cavalry units through the beginning of World War II. Unfortunately, this stubborn adherence to the status quo always leads to carnage. Today's IT security carnage is playing out in newspaper headlines in the form of data breach reports.

So, how do we change the status quo and usher in the secure breach era, an approach to security that keeps valuable assets secure even when hostile intruders have penetrated the perimeter? Here's a four-step program:

* Introspection. First, examine why we are not winning the war against hackers, cybercriminals, etc. Why are we not winning? Because we stubbornly adhere to Einstein's definition of insanity: doing the same thing over and over again and expecting a different outcome. In this case, that same thing is responding to breaches by investing disproportionate sums of money in perimeter defenses in a futile attempt to prevent breaches.

The industry needs to stop living in the past. It needs to try something new. It needs a heavy dose of introspection so it can adopt a new mindset: the "secure breach." Let's dig deeper into the remaining steps to changing the status quo:

* Acceptance. Stop pretending you can prevent a perimeter breach. Accept that it will happen and build your security strategy accordingly. We need to admit that we, as an industry, have a problem. Start by asking yourself if your security philosophy has changed much in the last 10 years. It almost certainly has not. You're likely to be spending 90% of your security budget the same way you did back in 2002, which undoubtedly focuses on perimeter and network defenses.
