Using the castle analogy, if the zero-trust approach is the new approach for protecting what’s inside the castle walls, the adaptive perimeter approach can be thought of as the new approach for protecting what’s on the outside of the castle walls. In essence, you’re building additional fortifications around your valuable assets that are currently undefended, or under-defended, on the outside.
Putting it all together
What’s needed is a totally new approach to cybersecurity that can enable the transformative benefits and use of new disruptive technologies without increasing the risk of sensitive data loss. This new approach should combine the existing tenets of “converged security” and “defense-in-depth” with the new tenets of “zero trust” and “adaptive perimeter”. To help unify this approach, a new cybersecurity framework and logical architecture is needed to secure the borderless enterprise.
An added advantage of an integrated approach to cybersecurity, combining these various tenets, is that you’ll be able to accelerate your path to digitization – meaning effective leverage of disruptive technologies to re-think and re-design your organization’s business models and processes. According to a report by the World Economic Forum, estimated delays in dealing with cybersecurity risks typically range anywhere from 2.6 months for social technologies, to 4.7 for mobile technologies, to 11.4 months for cloud. Getting a new, integrated approach in place will help you forge ahead with digital transformation initiatives, knowing that your assets are more secure.
As part of this new approach, it’s also important to re-evaluate the percentage of your IT security spend that’s going into each of these areas. Today, “80 percent of security spend is still going on firewalls, IDS and anti-virus solutions, despite only being effective against 30 percent of threats”.
Of course, the perimeter model is still a highly valuable asset in the security arsenal, and one of the primary defense strategies, much like a castle wall. Today, however, it needs to be complemented with approaches and tools that address the newer aspects of “zero trust” and “adaptive perimeter”. With these new defenses in place, your kingdom will be a lot safer in the years to come - both inside and out.
Sign up for Computerworld eNewsletters.