Why bolted-on perimeter defenses are no longer effective
Posted on | May 10, 2010 | add a comment
Mark Bauhaus, Juniper Network’s top network security exec, and his counterpart at AT&T, Ed Amoroso, recently led the Telecom Working Group discussions at the the East West Institute’s Cybersecurity Summit in Dallas. Just the fact that the Dallas Summit took place was a huge step forward with regards to the emergence of much-needed collaboration to make the Internet safer. The telecom execs discussed transparency and trust, international communications policies and security for global undersea cable communications. There were a half dozen other such work groups at the Dallas Summit. Each will now begin to work more closely to continue to communicate needs and next steps within the larger security communities. Bauhaus previously spend 20 years at Sun Microsystems in a range of executive assignments. In this LastWatchdog guest blog post he describes why deeper, ongoing collaboration by the good guys is a must.
By Mark Bauhaus
I was fortunate to take an active role in the EastWest Institute’s Worldwide Cybersecurity Summit in Dallas this week, and noted several salient points on today’s security landscape. One opener was quite clear from the Summit: It’s not just scare-mongering. Every passing day, yet another network security incident or threat is being reported. Whether it’s a physician’s stolen laptop containing confidential patient health information or reading up on recent reports about the consistent uptick in cybercriminals, it’s easy to be concerned about the security of your company’s network and the confidential information residing within it.
What’s changed? The globalization and mobility of the workforce have forced us all to reconsider the network’s attack surface. Traditionally, organizations concentrated on strong perimeter defenses. However, perimeters are inadequate today because the attack surface (points that attackers can attempt to exploit) is becoming fractal with all the end points and network pathways that are subject to complex cyber attacks and more intelligent tactics being employed globally. Factor in that data traffic on the mobile handset is growing exponentially. In March, TechCrunch covered UK-based research firm Coda Research Consultancy’s report that forecasts that U.S. mobile handset data traffic will reach 327 petabytes a month in 2010.
Now, you have a recipe for even more ways to infiltrate the network. There are noticeable shifts in attack patterns. Attacks used to be simple security research or rebellious curiosity. But now attacks are more nefarious; they are motivated by criminal intent, corporate espionage and even nation state mischief or terrorism. The fact of the matter is that while the attack surface needs every possible security vulnerability removed, the attacker only needs to find one.
These facts confirm a new conventional wisdom: the old way of looking at security is endangering the growth potential that exists. It’s time we collaborate with one another to drive security innovations, open platforms, and become more transparent within the partner ecosystem. The next decade of growth on the network promises to demonstrate just how vital it is to any business across any region. But, as the network keeps growing, what good is it if it under performs and is consistently hampered by insecurity?
It’s time for a new approach to securing networks and devices around the world. We must infuse security layers at key leverage points like mobile devices, laptops, branch, service provider networks, data centers, content clouds and enterprises around the globe. More than ever, business transactions, organizational interdependence, and everyday life depend upon the secure and reliable network. Rather than adding ineffective perimeters as a bolted-on afterthought to the network, security needs to be embedded at every level to ensure scale, reliability, flexibility and manageability.
(Bauhaus is Executive Vice President and General Manager, Service Layer Technology Business Group, Juniper Networks Business Group)