With digital threats growing more rampant across the country and from around the world, the idea of building “walls” for cyber defense and protection can seem appealing. But even in this age of hackers relentlessly penetrating our networks, in the information technology security industry, we know that walls don’t work. The truth is that surrounding yourself with impenetrable barricades is akin to sticking your head in the sand. Walls by themselves fail to tackle the root cause of threats, meaning any sense of safety created is artificial. Organizations need to have a holistic security posture that spans their internal network and devices. More importantly, they must anticipate malicious external threats.
Security requires a holistic approach
Internal infrastructure, whether digital or physical, is meant to encourage and foster a natural ebb and flow — of both good and bad — with the world beyond the walls. Blocking this organic two-way flow only incites turmoil and turbulence within. Modern businesses rely on constant communication both within and outside the organization. After all, while employees are crucial, a business cannot survive without customers, partners, investors and other external stakeholders. These are all outsiders who keep the business alive.
Therefore, building thick, impenetrable walls goes against this grain of open and constant communication that our 21st century enterprises are built on. Keeping everything out is not an option and keeping everything in is also impossible. As such, the industry must respond not with rigid, insular systems that block, but rather open, adaptive systems that can learn as threats evolve and move quickly to discover and resolve threats. This the only way to truly bolster security.
So how do we go about building these protective, intelligently porous systems? Let’s break down what a network like this would entail.
It starts with the foundation
Today’s digital organizations must strive to build secure systems and networks that are open and enable the bidirectional flow of information, support the needs of the business and, are simple to manage, all while maintaining security. These networks are not one element but a collection of widgets, or returning to the wall metaphor, bricks that need to be glued together. These bricks are crucial to the foundation of your infrastructure. They must strengthen each other, maintain the integrity of the foundation, and provide the necessary protection, but always allow the free flow of ideas, information, commerce. and communication.
Control and security come from the core
The core of the network is what enables communication and interaction with others in the broader digital ecosystem. In stark contrast to rigid perimeter defenses and walls, the network needs to provide protection without compromising openness. This means building digital infrastructure that is responsive and flexible. Most importantly, in today’s dangerous cyber climate, they must protect the infrastructure’s integrity, the assets and data in the enterprise, and the users and devices — guarding against malware, hackers, data leaks, and attacks.
Defense and intelligence are synonymous
The solution to outdated perimeter defenses is to build layers of actionable intelligence that seek to understand the causes, behaviour, history, and nature of those gaining access to the network — similar to our unsung heroes, the officers at airports and borders, who ask travellers where they’ve been, why they left, and what they’re bringing in. These are all contextual pieces of information that when analysed provide actionable intelligence.
To enable a secure enterprise, you need to be able to see everything on your network and to evaluate new additions. Think of a device that is added to the network: you need to ensure that it is not introducing malware into the network while also being adaptable enough to accommodate a new piece of the network.
This could be something as simple as automating the process by which a printer is added to the network or creating guest permissions for a contractor’s device once it’s been verified. Crucially, networks must be scalable so that they can keep pace with a modern enterprises’ growth, as new people and devices constantly join or exit the fold, the network must be able to adapt.
Moving beyond bricks in the wall
To move forward, we must build layers of defense, visibility, and intelligence that are adaptive, responsive and secure — ones that guarantee open communication, engagement, and unfettered commerce, but provide the protection and openness we need to thrive. It is about much more than just adding another brick in the wall.
