View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
March 23, 2017updated 24 Mar 2017 3:17pm

SailPoint President: There is no perimeter anymore, defence must start from within

Kevin Cunningham: “People are recognising that there is no perimeter anymore that can be protected"

By Tom Ball

Defence for enterprises in the current threat landscape no longer means barricading and patrolling the perimeter, the defenders must look inside for hackers that are already exploring and searching for valuable digital property.

With the vast and growing presence of smartphones, devices and cloud applications in business, an enterprise can no longer ring fence the entirety of its digital estate behind a cyber-perimeter – indeed, many argue that the perimeter is something of the past.

“People are recognising that there is no perimeter anymore that can be protected, you have to assume someone is going to get into your perimeter,’ Kevin Cunningham, President and Co-founder of SailPoint, told CBR.

SailPoint

Keven Cunningham, President and Co-founder, SailPoint

This means that a proactive approach is critical to maintaining any level of security, as businesses must be monitored internally, with foresight into the potential for an attacker to already be in the process of stealing data.

Giving an insight into how widespread the problem already is, the SailPoint President said: ‘Every CISO I talk to these days just assumes that if we haven’t been breached we have to assume we will be, so how do you identify it, and how do you contain it to minimise the damage?’

The key to that damage limitation, Mr Cunningham argues, is in the one thing unique to many – identity. Identity is being seized upon by hackers who are looking to infiltrate with ease. This means that it does not take a major breach of an integral defence mechanism to leave an enterprise vulnerable.

Mr Cunningham said: ‘If you look at how most breaches are perpetrated it traces back to a lack of understanding or mismanagement of identities. Identities are being compromised by phishing attacks, they get the first taste of the enterprise and they move around and start creating their own accounts. Because people aren’t doing a good job of tracking all this, it happens all the time.’

Content from our partners
Why all businesses must democratise data analytics
How start-ups can take the next step towards scaling up
Unlocking the value of artificial intelligence and machine learning

One of the first steps in locking down identities in the workplace is by first understanding who is after them. Unfortunately, the picture painted by the SailPoint chief was bleak: ‘This is organised crime, it’s the mob, its terrorist cells, its foreign governments. They are all very well-funded, very patient, and the average time to discover a breach is 200 days.’

This long period of time taken to discover breaches means that adversaries are free within an enterprise’s domain for that amount of time, negating any sense of perimeter-style defence. This is why defenders should be searching for adversaries already inside the organisation.

However, taking on the mob and well-armed hackers is no easy task, with streams of data creating chaos for the people tasked with defending against attack:

‘There is a lot of data that people are trying to sort through, and you have got a lot of security systems generating data; the challenge is seeking the signal out of the noise. It is hard to focus on everything that is going on, so what people are adopting now are analytics to help them understand anomalous behaviour.’

READ MORE: Are we too far down the cyber rabbit hole to fend off the cyber adversaries?

These tasks point once again to automation as a useful or perhaps crucial way of dealing with the vast quantities of data that must be processed and handled in the pursuit of hackers and their activity.

Cunningham told CBR that ‘The bad guys have figured out that the weakest link in the security chain is the human being; they have figured out that it is a lot easier to execute a very well put together phishing attack than it is to try and hack in through a firewall.’

 

 

 

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED
THANK YOU