Editorial note: Over the past few months OpenDNS CTO Dan Hubbard has shared his thoughts on where security will see the most disruption in the near future. This is the final chapter in the five-part blog series.
The fifth and final Disruption in Security post addresses perhaps the greatest change in how IT security professionals currently think about security.
Traditional security practices, tools and the VAST majority of corporate spend are centered on authentication, access control, firewalls and anti-virus products. These are predominantly designed to keep the wrong people and users out of your network and away from information that they should not have access to.
Vendor claims, effectiveness reports and even third-party testing are also mostly designed around this. Often you see numbers as high as 99.x%.
The three large changes in technology today that are most relevant to security are mobility, cloud and the advancement of attacks.
With these changes, security professionals need to change their mindsets, product technologies and security life cycle/processes. The reason is that mobility and cloud dramatically change the perimeter, and the advancement in attacks dramatically changes the notion that the attacker success rate will be so low in the future.
With that, I believe the change from a “Detect and Prevent” mindset to a “Prevent and Contain” one is a big disruption in security.
The inability to enforce your corporate policy at the perimeter, the diminishing coverage of anti-virus products and the ever-expanding attack surface all contribute to this change. Certainly, I am not saying that companies need to throw technologies away or do anything they can on the prevention side. What I am saying is that if you take the view that attackers will ultimately get into your network, access your data and attempt to exfiltrate it, you should be looking at the problem differently.