The Enemy Outside The Perimeter Defences
Perimeter defence in cybersecurity – is it even relevant anymore? If you want to keep something safe, throw up some barriers, right? Across history, the simple wall is perhaps the most successful piece of security technology ever devised. It kept the “inside” safe from whatever was “outside”. The same premise underpins much of digital security. We think of networks as fenced gardens, protected from intrusion by barriers at their points of entry.
This is the “perimeter defence” paradigm of cybersecurity. Yet now, in the cloud era, is identifying and defending a sharp boundary between “inside” and “outside” even possible. Some industry insiders say no. A recent article from CSO is blunt in saying that “cloud and mobile computing have all but erased the network perimeter”.
“These days, mobile users access SaaS and cloud-based applications and never touch internal networks at all,” the article reads.
And this is the issue. Until recently, the physical and digital boundaries of a network were closely aligned. An enterprise network used to mean a series of physically wired computers, connected to the internet through a shared hardware gateway. Today, it might be a virtual network, consisting of a traditional on-site system, cloud-based software, and mobile devices linked from home offices.
So, in the wireless age, does the concept of a perimeter even make sense? This article will cover some of the emerging issues and look at whether perimeter defence is an obsolete paradigm.
What Is Perimeter Defence?
Traditional cybersecurity perimeter defence involves filtering incoming data for potential threats. Technology such as firewalls and secure gateways are classic examples of the type. Such an approach assumes that a categorical delineation between what’s inside and what’s outside the network can be made, and that the points of access can be monitored effectively.
In the early decades of internet use, this method was relatively effective. Security companies could provide and update lists of threats, and your firewall could check incoming data before it crossed into your network. However, a range of innovations have moved enterprise networks beyond the walls of the office and blurred the line between inside and outside.
Examples of such developments include:
- Software as a Service (SaaS)
- Cloud-based virtual networks
- Bring Your Own Device (BYOD).
SaaS models see vital enterprise software provided as a subscription. This, by function, requires connections beyond the internal network to validate licenses and enable use. Such systems also often integrate cloud-based processing and storage. This enables access from anywhere, on any internet-capable device, but it further breaks down the relationship between your physical premises and your networked assets. To be blunt, the consensus among security experts is that perimeter defence, as we once knew it, is dead.
How Can A Wall Become Obsolete?
Built around 1,900 years ago, Hadrian’s Wall was once one of the most imposing defensive structures in the world. Over 3 metres high and stretching for more than 100km, the stone wall stood as a boundary between Roman Britain and the unconquered North. Today, it barely exists. What happened to it? People took it home. After the Roman Empire fled Britain in the early 5th Century, generations of locals dismantled it to use the stone in their houses. A similar thing is happening in the contemporary erosion of perimeter cybersecurity.
Decentralised networking has moved work out of the office – a trend accelerated by the COVID-19 pandemic. And, as work has moved to the home, vital components of operational security have been removed with it. Traditional perimeter defence is simply not possible in such a context, leaving much of your security dependent on password-based access. While such advances offer greater freedom, flexibility, and opportunity, they also introduce vulnerabilities.
A crumbled Hardian’s Wall no longer offering any security
Phishing attacks, which trick targets into revealing passwords by sending links to fake websites, are one of the most successful forms of cybersecurity breach. According to Verizon’s 2021 Data Breach Investigation Report, 36 percent of breaches involve phishing – an increase of 11 percent compared to the previous year. The trend underscores the vulnerability of password-dependent systems to social engineering. The strongest safe in the world is useless when the people using it can be tricked into handing over their keys.
While the prevalence of remote-access work arrangements is likely to lessen in the coming years, it is probably not going to return to pre-pandemic levels. Forbes cites an academic study that predicts that the number of at-home work days will stay as high as 22 percent, even as the pandemic subsides.
A return to easily-bounded, on-premises networks is therefore out of the question. The freedom offered by cloud-based computing is simply too attractive – the horse has bolted, and it likes being outside the fence. However, the vulnerability of password-based security is obvious. So, what are the solutions?
What Is Post-Perimeter Defence?
If the perimeter as you knew it is no longer viable, new security measures must be put into place. Just as new threats are constantly emerging, defensive strategies are evolving to meet them. Experts recommend the following approaches towards keeping your data secure:
- Address the human factor
- Improve authentication
- Go zero trust.
First, the human factor. This will always be a weak link in any security system: doors are built to be opened, after all. Remote access turns every worker’s mobile device into a new “door”, so good security awareness should be essential training for all modern workforces. The good news is that training is effective at reducing the success of this kind of attack. According to Datacentre Knowledge, organisations that implemented security training lost 76 percent less to security breaches than organisations that did not.
That said, there’s only so far you can blame people for poor cybersecurity. Traditional passwords have served valiantly, but they can no longer hold the gate. Recently, authentication has been becoming the norm for data security. According to securityroundtable.org, three or even four layers of authentication might be necessary for some processes.
Even so, you simply cannot trust the right people and processes to keep the wrong people out. As a result, a zero-trust security mentality is gaining ground. According to the 2021 IDG Security Priorities Survey, 46 percent of surveyed businesses are investigating zero-trust approaches.
Access and security theatre isn’t always so obvious
Zero trust is not a process or a plug-and-play solution, it is an approach to security. A concept that informs how you proceed. Simply, it means assuming the worst, and operating as though every device with access to your network is already compromised.
Most cyberattacks exploit “trust” in some form – for example, stealing a password that is trusted or exploiting an application that is trusted. Perimeter defence is vulnerable because it defaults to trusting components once they have made it past the “gate”. Zero trust looks for aberrant network behaviour to identify breaches that are revealed by the behaviour of systems and components. This means any unusual activity will be flagged, and trust denied until that person, device or connection can be verified.
How Do You Even Get Started In Evolving Past Perimeter Defence Cybersecurity?
This article should have served as a wake-up call about traditional cybersecurity perimeter defence, but it is not a call to abandon the practice. A strong traditional perimeter is still necessary; it is simply no longer sufficient. Zero-trust approaches are the new best strategy for managing your security.
However, because zero-trust is a bottom-up approach that works from the fundamentals of a system – not a top-down solution that works by being implemented over the top – adopting it takes work and expertise. Reach out to Internet 2.0 to talk about the latest post-perimeter security. We have the expertise. Our team of former military and intelligence experts live and breathe cybersecurity, and can guide you in strengthening your defences at all levels.