Redefining the Perimeter
Disrupting the Full Attacker Path
This is the first tenet in our three-part series defining our perspective on cybersecurity.
The word “perimeter” gives many people flashbacks to geometry class, rulers, and measuring lengths. For those with a more military background, a perimeter is a boundary between secure and insecure. But to the general public, it might simply be a fence. Due to this perception, the cybersecurity industry believes the term perimeter should no longer be used, because it often leads people to a false sense of confidence that a single “fence” is enough.
The simple fact is that our needs in cybersecurity have evolved dramatically due to our increased usage of technology. Massive advances in techniques by attackers have poured even more fuel on the fire. This doesn’t mean we should abandon the concept of the perimeter. Instead, let’s make a leap from this basic concept and advance it forward. This is why we want to “Redefine the Perimeter”.
From a pure cybersecurity perspective, perimeter defense is all about repelling attacks coming from any direction. The important phrase here is “attacks coming from any direction”. The security industry is very familiar with the concept of defense in depth. This concept assumes that an attacker can get past outside protection layers. It pushes us to focus on security at every layer, since an attacker requires a series of steps to complete the goals of an attack. Every one of these steps presents an opportunity for us to deter an attacker and ultimately disrupt a security breach as early as possible.
To truly integrate security at every touchpoint, we need to stop fixating on a narrow concept of the security perimeter and pull our lens back to get a wider angle. We should account for every direct and indirect way that an attacker can touch their target. This runs from the early-stage reconnaissance that an attacker performs to gather information on their target, all the way through each touchpoint that allows an attacker to get a foothold, lay low, move around freely in an environment, and continually pursue their destructive goals. This more expansive perspective, which breaks down the complete process of an attack, will allow defenders to fully grasp the multiple steps required to execute a successful attack. Ultimately, it will allow us to adapt to attacker behavior at a greater level of detail and craft a much more secure architecture.
So how do we get started?
The Three Security Zones
- Public - Intended to be accessible and visible to the general public
- Edge - The transition point that connects Public to Private
- Private - Intended to be secure and ONLY accessible to authorized individuals