In this presentation, Johna Till Johnson, CEO and founder of Nemertes Research, explains why traditional network perimeter security, consisting of firewalls, antimalware and application gateways, is no longer enough to secure the enterprise perimeter. She gives concrete action items for readjusting IT's focus from centering on network perimeter security to one that protects the perimeterless enterprise and explains how, as the perimeter itself becomes more fluid, enterprises must adapt to a new threat universe that can do end-runs around standard networking perimeter security. While traditional network security was based on a perimeter -- where enterprise assets stayed inside, and the defenses blocked attacks coming from outside the enterprise perimeter -- today's network is far more complex, and threats are all around.
This new threat universe, in which there is increasing attack volume and increasing attack sophistication, calls for an evolving enterprise architecture composed of many components -- especially in light of the increasingly harsh consequences to any kind of failure at defending the enterprise: A successful attack can spell the end of a career, or even the end of the enterprise.
Network perimeter security defenses were sufficient when attackers were limited to launching malware and intrusion attempts at the enterprise perimeter. Times are changing as the enterprise network becomes more porous, and network perimeter security strategies such as firewalls and malware detection are no longer enough to protect enterprises that are increasingly dependent on distributed and virtual perimeterless architectures. Now experts are estimating that as many as 40% or more of the threats facing the enterprise comprise at least five separate components, all of which may appear to be completely harmless on their own but are deadly when they act together.
Watch this video as Johnson explains this new kind of composite and virtually undetectable threat, illustrated by the Chinese menu attack that brought down a financial institution, as well as how to counter the new threats. She gives concrete recommendations on the critical components of a perimeterless defense, what to be on the lookout for and how to match your security architecture to your enterprise security strategy.