Critics of Donald Trump regularly proclaim that his plan to erect a wall along the US border with Mexico will not solve America’s problems in the way the President has promised.
Perhaps Trump should heed the advice of Infoblox Executive Vice President Ashish Gupta, who outlines to CXM World exactly why building walls when it comes to IT security does not necessarily provide the protection one might hope for.
With digital threats rampant, the idea of building ‘walls’ for cyber defence and protection can seem appealing.
But even in this age of hackers relentlessly penetrating our networks, in the information technology security industry we know that walls don’t work—it’s like sticking your head on the sand.
Walls by themselves fail to tackle the root cause of threats; any sense of safety is artificial.
Organizations need to have a holistic security posture that spans their internal network and devices. More importantly, they must anticipate malicious external threats.
Security requires a holistic approach
For protection, traditional IT security systems have for a long time relied on perimeter defences such as firewalls, intrusion detection systems, and intrusion prevention systems.
However, cybercriminals have evolved and attacks have increased in volume and sophistication.
Malware is continuing to explode; singular perimeter defences are no longer enough.
Internal infrastructure, whether digital or physical, is meant to encourage and foster a natural ebb and flow—of both good and bad—with the world beyond the walls.
Blocking this organic two-way flow only invites turmoil within. Modern businesses rely on constant communication both within and outside the organization.
After all, while employees are crucial, a business cannot survive without customers, partners, investors, and other external stakeholders. These are all outsiders who keep the business alive.
Therefore, building thick, impenetrable walls goes against the grain of open and constant communication that our 21st-century enterprises are built upon.
Keeping everything out is not an option (including hackers and viruses) and keeping everything in (halting the outward flow of data) is also impossible.
As such, the industry must respond not with rigid, insular systems that block, but rather open, adaptive systems that can learn as threats evolve and move quickly to discover and resolve them.
So how do we go about building these protective, intelligently porous systems? Let’s break down what a network like this would entail.
It starts with the foundation
Today’s digital organizations must strive to build secure systems and networks that are open and enable the bi-directional flow of information, support the needs of the business, and are simple to manage, all while maintaining security.
These networks are not one element but a collection of widgets or returning to the wall metaphor, bricks that need to be glued together.
These bricks are crucial to the foundation of your infrastructure. They must strengthen each other, maintain the integrity of the foundation, and provide the necessary protection, but always allow the free flow of ideas, commerce, and communication.
Control and security come from the core
The core of the network is what enables communication and interaction with others in the broader digital ecosystem.
In stark contrast to rigid perimeter defences and walls, the network needs to provide protection without compromising openness. This means building digital infrastructure that is responsive and flexible.
Most importantly, in today’s dangerous cyber climate, they must protect the infrastructure’s integrity, the assets and data in the enterprise, and the users and devices — guarding against malware, hackers, data leaks, and attacks.
Defence and intelligence are synonymous
Walls neglect to address the points at which the threats originate, allowing hackers to persist and grow more sophisticated in seeking new backchannels and vulnerabilities to penetrate.
The solution to outdated perimeter defences is to build layers of actionable intelligence that seek to understand the causes, behaviour, history, and nature of those gaining access to the network—similar to officers at airports and borders who ask travellers where they’ve been, why they left, and what they’re bringing in.
These are all contextual pieces of information that when analysed provide actionable intelligence.
We need to build the same kind of multilayer defence that the human physiology provides.
The skin (the wall in this scenario) allows a natural ebb and flow but is supported by our white blood cells fighting infections internally.
Meanwhile, the brain learns how to avoid external threats using contextual and actionable insights, providing a holistic defence.
Today’s digital organisation and its network are like a living organism that needs intelligence for survival.
Equally important is balancing visibility and flexibility. To enable a secure enterprise, you need to be able to see everything on your network and to evaluate new additions.
Think of a device that is added to the network; you need to ensure that it is not introducing malware into the network while also being adaptable enough to accommodate a new piece of it.
This could be something as simple as automating the process by which a printer is added to the network or creating guest permissions for a contractor’s device once it’s been verified.
Crucially, networks must be scalable so they can keep pace with a modern enterprise’s growth; as new people and devices constantly join or exit the fold, the network must be able to adapt.
Moving beyond bricks in the wall
Our rich digital ecosystems can only thrive and innovate via learning from and evolving with the disparate digital communities and ‘netizens’ beyond our perimeters, even if this means occasional friction and conflict.
Data, ideas, digital currency, commerce, and interactions rely on this two-way flow of both good and bad.
It’s true that, like every building, every organization constructs defences around its physical and virtual premises.
But all walls do well is isolate and create an artificial sense of security. Instead, we must accept the reality that in today’s cyber climate, threats are bound to find their way in.
To move forward, we must build layers of defence, visibility, and intelligence that are adaptive, responsive and secure—ones that guarantee open communication, engagement, and unfettered commerce, but provide the protection and openness we need to thrive.
Written by: Ashish Gupta