The Picture of Threat Intelligence

Issue link:

Contents of this Issue


Page 4 of 5

5 24% Percentage of businesses treat preventing, prepar- ing for and responding to risk as a strategic busi- ness priority. – Travelers 2017 Travelers Risk Index traditional security model," Elledge says. "The traditional model was built on the concept of a private network and this model still exists as the primary mindset in the security community. The private network model was never designed to operate in the digital age and we have seen a continued manipulation of the private network to try and support the digital transformation." The problem is that today's networks are ill-defined. Entry can come from corporate campuses just as easily as from a mobile device located overseas, from a consumer laptop that appears to be in an employee's home or from an IoT device connected to the corporate network that is sending out data to a command and control server thousands of miles away. Sensitive corporate data exists in the enterprise as well as on various cloud platforms from third-parties with their own security headaches. Indeed, it is common that a seemingly authorized user logs into the network solely to jump into a cloud courtesy of a sales or manufacturing third-party-controlled application. Beyond having to trust a third-party, these cloud operations limit how much contextual information the corporate network can collect. In other words, once a user logs into Salesforce or Workday, for example, the enterprise security system will often have no visibility into what the user is trying to do, preventing it from alerting when unusual behavior happens. Elledge adds that cloud and IoT communications are undermining network security. "A lot of that information is encrypted and protected. More and more things are being requested outside of the network," he says. "The monitoring of the network layer is providing less and less information and context. The modern enterprise doesn't have an inside and an outside anymore. It's much more virtual. The current model is kind of falling apart in front of our eyes, with a huge amount of unstructured data." "To identify and protect against threats, you need to have a manageable and known environment," Elledge continues. Private networks today extend around the world, have an increasing number of connections, hundreds of thousands of nodes, [and] people and systems increasingly moving [data] easily across the perimeter. Most companies do not really know where their network begins or ends, he notes. "Business realities are driving a digital transformation and we need a security transformation to support these trends. Companies have to think differently about security. The model that places our primary defenses at the network perimeter no longer works as systems, people and data move and exist across the perimeter," he continues. "We need to start embracing the digital transformation from a security perspective." For example, if users have controlled views into data across public networks, companies can reduce or remove the need to download data into the unstructured spaces where companies lose control of the information. By embracing the public network securely, Elledge notes, companies can make services available and reduce the complexity and increase the manageability of our private networks. "Moving from the one-to-many security model of applications operating over public networks, instead of the many-to-many security model of private networks, we can decrease the level of complexity by 100 times or more," he says. Another complicating factor is context, | © 2018 Haymarket Media, Inc. Don Elledge, CEO, Edgile Threat intelligence

Articles in this issue

Links on this page

view archives of News - The Picture of Threat Intelligence