Security: "Journey to the Edge of the Perimeter"

Security: "Journey to the Edge of the Perimeter"

Since serving as CEO of Palo Alto Networks (2008 – 2011), I have seen the types of threats evolve and develop in a number of notable ways and become more dangerous for the enterprise than ever. As such, the security industry has also evolved, working to uncover the most effective ways to protect against these threats, but there’s still catching up to do.

For an enterprise, shifts in how we use technology for business, such as cloud and mobile, offer business opportunities that should be embraced.  We’re seeing enterprises and service providers are all taking their own paths towards the same destination, from physical to virtual to cloud.  Yet, we grow fearful when we don’t know how to protect data in the new world. Meanwhile, the level of sophistication from hackers has reached new and terrifying levels. Data center security today poses a large, global problem and threatens compromise the massive potential benefits of the move to cloud.

No More Sharp Red Lines Around the Enterprise

Once upon a time, before these advancements and new focal points, enterprise security was focused on setting up a fortress, locking down endpoints and holding down a perimeter. This was seen as critical. Yet, today, that perimeter no longer exists; or, at the very least, it’s not where people thought it was. Today, an enterprise cannot simply place a sharply defined perimeter around their network because the edges are blurring. They are more expansive, less easy to “control” and nearly impossible to visualize. Due to this, security threats can invade a network from a countless number of vectors from anywhere in the enterprise. They spread quietly and then lie dormant for a significant period of time.

We need to ask ourselves: are we really looking in the right places? Any modern data center has an application server, web server, as well as mobile and social data, sitting right on top of each other in the new stack. But with a lack of visualization into the traffic moving among these layers, it’s nearly impossible to know that we’re looking in the right place to secure the data.

The Impact of Ambiguity

I’ve been involved in numerous conversations around this and found myself asking the same questions. For the enterprise, the latest headlines prove that security failures can result in incredibly damaging perceptions of a company or brand. Just look at Target - after they were hacked, not only did their CIO resign, but their CEO, a 35-year employee of the company, was ultimately let go. In total, a single breach cost Target $148 million - there’s never been more pressure on the C-Suite to keep their data under control.

Despite the very public and devastating outcomes of security flaws, when it comes to awareness of what is transpiring in their production networks, most companies are operating either partially or completely in the dark. And when these dormant threats are finally located, the enterprise enters an immediate crisis mode, quickly mobilizing a team of security experts to eliminate the threat, costing millions upon millions of dollars in the process.

Doubling Down on the Data Center

While legacy solutions have given us incredible granular visibility and control into the north-south movement of data, that’s only half of the picture. Data is constantly moving around within a data center. It’s within this movement that we find the most deliberate and patient threats. They are able to hide their true mission because, up until now, no one has been able to visualize the east/west flow. Legacy solutions, including that of my old company, have yet to invest in this east/west data visibility. Yet, the opportunity is there and it’s up to innovators to emerge and rise to the challenge in a meaningful way.

How? Enterprise solutions in this area must scale, be easy to manage and provide rapid value. That’s just the beginning. Thus far, very few have emerged to answer this with the exception of a security startup called vArmour.

It is time to stop worrying about the old ‘edge,’ which has become more blurred and less intriguing to hackers. As we shift our attention to the information that is sitting right inside of our networks, we’re looking at an opportunity for security enlightenment that will result in drastic improvements in security posture. Just like the threats living inside the data center, this opportunity is staring us right in the face.