Yesterday, we learned that the U.S. government’s Office of Personnel Management (OPM) was breached and attackers made off with personally identifiable information of up to 4 million federal workers, which is roughly the total number of current federal employees. The OPM is the human resources department of the federal government and is responsible for security clearances and employee records.
Despite the steady stream of breaches that have seemingly become the norm in the news, what I find particularly interesting about the OPM attack is how it was identified. Prior to the breach, the OPM had begun an aggressive program to update its computer security systems. It was this new system that, once in place, found the attackers in the OPM network.
The OPM breach serves as a clear reminder that when it comes to modern data center and cloud environments, you can’t protect what you can’t see. Most organizations’ computer networks and data centers are protected by hardened perimeters that use legacy security solutions, but visibility into what’s happening on the interior, between workloads, is typically woefully inadequate. Governments, businesses, and organizations of all types are quickly recognizing that the old way of protecting their networks is insufficient and the new paradigm for data center security requires innovative approaches for thwarting cyber attackers. There is little agreement across the industry on what the ultimate solution to the challenge of securing virtualized and cloud environments will look like, but the ability to see what’s happening inside the edges of the perimeter is an obvious and necessary first step. As the OPM breach unfortunately shows, until you have visibility into your lateral network and data center traffic, you really have no idea what (or who) might already be inside.
Read more details on this breach from me and other industry experts in the Morning Download from the CIO Journal.