By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
TechgoonduTechgoondu
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Search
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Reading: Trust no one, because perimeter defences can’t keep out cyberattacks
Share
Aa
TechgoonduTechgoondu
Aa
  • Audio-visual
  • Enterprise
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
  • PC
  • Telecom
Search
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Follow US
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Techgoondu > Blog > Enterprise > Trust no one, because perimeter defences can’t keep out cyberattacks
EnterpriseSoftware

Trust no one, because perimeter defences can’t keep out cyberattacks

Alfred Siew
Last updated: August 13, 2020 at 10:38 PM
Alfred Siew Published July 29, 2019
6 Min Read
SHARE
PHOTO: Pixabay (Creative Commons)

By now, this should be clear to anyone who manages any IT infrastructure for an enterprise. Yet, surprisingly, it has taken many IT leaders longer than you’d expect to focus on insider threats instead of the enemy at the gates.

This old idea of building a moat around a castle to keep intruders at bay is no longer applicable today. Indeed, focusing on it is missing the big picture, if you ask any cybersecurity expert worth his salt.

Even the Singapore government, which unfortunately started cutting off public servants’ Internet access in 2016 in an attempt to prevent serious cyberattacks, has come around to the reality that the threat has to be managed in a different way.

After all, some of the most serious data breaches of late have occurred because of human error. When the blood bank accidentally leaked the personal data of donors earlier this year, the database was inadvertently placed in the open by a third-party vendor running tests.

Another serious breach, which was revealed this year as well, involved a doctor who allegedly took the information of thousands of HIV patients here and simply downloaded the data onto a USB drive.

That’s a classic inside job, much like someone in a castle opening a backdoor to the enemy. No matter how strong your fortifications are, the perimeter defences are useless against such an attack.

Security experts are now calling for a policy to trust no one within the network. In other words, every user is viewed with the same suspicion even though they might have been granted access.

“Increasingly, customers are acknowledging that more attacks are coming from inside the network,” said Sudhakar Ramakrishna, chief executive officer of cybersecurity firm Pulse Secure, in an interview last week with Techgoondu.

“Who do you trust? Don’t trust anybody,” he added. “And don’t have artificial separation of what’s outside and what’s inside. Establish trust equally with everybody.”

In such a setup, when a user fires up his laptop to connect to a laptop, he has to be authenticated, possibly with multi-factor authentication. Then the way he uses his connection is constantly monitored so that any unexpected or suspicious behaviour can be flagged.

If someone in marketing tries to access files in the finance department’s file server, the system should be able to raise a red flag to alert an administrator. He can choose to investigate further from there.

Another problem with the old idea of maintaining a perimeter is that the perimeter is no longer clearly marked any more. With data moving in and out of multiple cloud platforms and being replicated and backed up, it is becoming impossible to draw a line and say “it’s safe over here”.

The key, say cybersecurity experts, is to make sure that everyone’s identity is verified and checked all the time, so they are who they say they are. This ensures that only those who should have access are able to access the data.

Of course, this still doesn’t guard against people stealing data if they are disgruntled with the company. Or, they may have clicked on a malware-loaded e-mail and opened themselves up to the bad guys.

This is where artificial intelligence (AI) comes in, to continuously scan for unusual behaviour after “learning” what is usual in the network. A person copying sensitive files and dropping them onto Dropbox afterwards should be looked into, for example.

The complexity of running an enterprise’s infrastructure today means that it is often not humanly possible to look through all the alerts that a system triggers. Machines have to help analyse that data.

Many companies have servers connected on their networks that they don’t even know of, said Sanjay Aurora, managing director for Asia-Pacific for Darktrace, a cybersecurity company.

As a result, these systems may not be patched up and may be open to hackers as backdoors, he explained.

As threats become more complex, the idea of cybersecurity has to change as well. Being a czar and trying to control everything may backfire, because staff will find ways around the restrictions.

Organisations have to look to role-based access control, rather than cutting off access in a broad manner, said Ramakrishna, who also called on cybersecurity teams to improve productivity, maintain visibility of assets and support compliance requirements.

However, they should forget the “indefensible walled garden”, he added. Instead, get users on their side through education and awareness of the latest threats, he advised.

“Security is about access, not just control,” he added. “You can only enhance things if you make things easily accessible. How to do that without compromising security or trying to lock everything down?”

You Might Also Like

Foodpanda to use Gogoro electric scooters in battery swapping trial with Cycle & Carriage

RedCap: A new cellular IoT technology for the 5G era

Debate on computational photography misses what’s real, what’s lived outside a frame

Q&A: Delivering movies digitally and securely from around the world

In remote Taiwan, firefighters use a 5G base station “in a box” when responding to emergencies

TAGGED: access control, cybersecurity, Darktrace, perimeter defence, Pulse Secure, VPN

Sign up for the TG newsletter

Never miss anything again. Get the latest news and analysis in your inbox.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Alfred Siew July 29, 2019
Share this Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Copy Link Print
Share
Avatar photo
By Alfred Siew
Follow:
Alfred is a writer, speaker and media instructor who has covered the telecom, media and technology scene for more than 20 years. Previously the technology correspondent for The Straits Times, he now edits the Techgoondu.com blog and runs his own technology and media consultancy.
Previous Article Goondu review: Oppo Reno 10x Zoom
Next Article Take a virtual walk through Singapore’s hawker centres with Google Street View
Leave a comment

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

Facebook Like
Twitter Follow

Latest News

Oppo Find N2 Flip review: A worthy flip phone alternative to Samsung
Cellphones Mobile March 26, 2023
As TikTok faces a possible ban in the US, should users elsewhere be worried?
Cybersecurity Internet March 24, 2023
Foodpanda to use Gogoro electric scooters in battery swapping trial with Cycle & Carriage
Enterprise Internet March 23, 2023
RedCap: A new cellular IoT technology for the 5G era
Enterprise Software Telecom March 23, 2023
//

Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.

.

Started in June 2008 by technology journalists and ex-journalists in Singapore who share a common love for all things geeky and digital, the site now includes segments on personal computing, enterprise IT and Internet culture.

banner banner
Everyday DIY
PC needs fixing? Get your hands on with the latest tech tips
READ ON
banner banner
Leaders Q&A
What tomorrow looks like to those at the leading edge today
FIND OUT
banner banner
Advertise with us
Discover unique access and impact with TG custom content
SHOW ME

 

 

POWERED BY READYSPACE
The Techgoondu website is powered by and managed by Readyspace Web Hosting.

TechgoonduTechgoondu
Follow US

© 2023 Goondu Media Pte Ltd. All Rights Reserved | Privacy | Terms of Use | Advertise | About Us | Contact

Join Us!

Never miss anything again. Get the latest news and analysis in your inbox.

Zero spam, Unsubscribe at any time.
 

Loading Comments...
 

    Welcome Back!

    Sign in to your account

    Lost your password?