FireEye report: defence-in-depth model 'deeply flawed'
Yesterday, virtual security platform company, FireEye, released a comprehensive security tools analysis taking data from more than 1,217 organisations across the globe. The report revealed that the most commonly used security tools fail to protect 97 percent of organisations that purchase them.
According to the report, the analysis observed real world threats that passed through all of an organisation's security layers, uncovering a “deeply flawed defence-in-depth model, at least as its commonly deployed.”
FireEye nicknamed this current situation “the new Maginot Line,” after the ill-fated, 940-mile elaborate defence entanglements built in France during WWII, which German troops simply went around. Organisations that spend billions of pounds on defence-in-depth IT security architecture only to have attackers easily pass around them, would appear to be in a similarly doomed situation.
Taking a new approach is necessary to enact effective defence measures. FireEye recommends eliminating expenditures on redundant, backward-looking technology, investing instead in defences designed to identify and stop advanced attacks.