2014 Industry Innovators: Perimeter defence
2014 Industry Innovators: Access Control
This is another market area that has seen a lot of change over the past few years. The biggest problems facing today's enterprises with regard to the perimeter is that it is shrinking to the point where it simply does not exist in many large organisations. Defending a perimeter that has all but disappeared is a real challenge and this year's Innovator has stepped up and met it. However, the way the company approaches it is not intuitively obvious. We took some liberties in this case to look into our crystal ball and envision the future as it is unfolding even now.
Defending today's perimeter has become a mathematical exercise. The development of complex algorithms to detect attacks and exfiltration attempts has become the stock-in-trade of successful companies in this space. The days of brute-forcing protection are over. With 43 percent of all companies reporting cyber-attacks and an increasing number having, at best, a semi-permeable perimeter, new ways to protect organisational assets globally are necessary.
What that means is that bigger is no longer better. Having a huge firewall that can drink from the data fire hose that is the internet won't help if the direction of information flow is outward on a channel that is supposed to be in use. A phishing attack that exfiltrates data to a port 80 destination poses a real problem.
The Innovator in this year's section uses the smarter approach to address the perimeter. They take a view that protecting the endpoints is as critical as the perimeter and, when the perimeter disappears, we certainly would argue that the endpoint is the perimeter, especially when the endpoint is on the other side of the world.
The notion of firewalls becoming less and less effective in a perimeterless world is not the only paradigm that seems to be evolving. IDS/IPS in the traditional sense is struggling to survive in an environment that is changing at a rate that is nearly unmanageable. Applying signatures to attacks is becoming less and less effective and the only solution is more sophistication in the way the data stream is processed and analysed. That sophistication is the earmark of this Innovator and we were, as always, mightily impressed.