For the past several years, we've called for a shift from perimeter-based to asset-based security. We began making that case in 2001 ("No Desktop Is an Island") and strengthened it in 2003 ("Secure to the Core").
Perimeter-based security fails because there is no longer a clearly defined perimeter. Wireless networks, remote users, encrypted communications, Web services, corporate spies, disgruntled employees, bribed administrators and socially engineered victims have seen to that.
That's not to say we advocate ripping out firewalls and gateway-content inspectors--layered defense is a fundamental tenet of information security. However, insider attacks can dwarf the damage done by outsiders.
Make the last lines of defense--the endpoints--your strongest. And be proactive. This is where HIP (host intrusion prevention) comes into play. By giving a program or user only limited access to the operating system, HIP products restrict the availability of functions like read, write and execute, as well as protect system resources like ports, files and registry keys.
One weakness of the major operating systems deployed today is that the root or administrator user has too much power. If attackers can exploit a process that runs as the administrator account, or can gain access as a superuser, they'll have free rein over the entire system.
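The per-program restriction described above, as an added sketch (not from the original article or any HIP product): a default-deny check keyed on the program rather than the user, so a process running as root is still confined. The policy format, the `decide` and `denied` functions, and all paths and events are constructed for illustration.

```python
import posixpath
from fnmatch import fnmatchcase

# Constructed policy: program -> allow rules (resource kind, name pattern, operations).
# Anything without a matching rule is denied.
POLICY = {
    "/usr/sbin/httpd": [
        ("file", "/var/www/*", {"read"}),
        ("file", "/var/log/httpd/*", {"write"}),
        ("port", "tcp/80", {"bind"}),
        ("port", "tcp/443", {"bind"}),
    ],
    r"C:\Program Files\App\app.exe": [
        ("registry", r"HKLM\Software\App\*", {"read"}),
    ],
}

def decide(program, user, kind, name, op, policy=POLICY):
    """Return "allow" or "deny". `user` is deliberately ignored: the decision
    depends on which program asks, so running as root grants nothing extra."""
    if kind == "file":
        # Collapse "../" first so a traversal cannot ride on an allowed prefix.
        name = posixpath.normpath(name)
    for rule_kind, pattern, ops in policy.get(program, ()):
        if rule_kind == kind and op in ops and fnmatchcase(name, pattern):
            return "allow"
    return "deny"

# Constructed events: (program, user, kind, name, operation).
EVENTS = [
    ("/usr/sbin/httpd", "root", "file", "/var/www/index.html", "read"),
    ("/usr/sbin/httpd", "root", "file", "/var/www/index.html", "write"),
    ("/usr/sbin/httpd", "root", "file", "/var/www/../../etc/shadow", "read"),
    ("/usr/sbin/httpd", "root", "port", "tcp/4444", "bind"),
    (r"C:\Program Files\App\app.exe", "Administrator", "registry", r"HKLM\Software\App\Settings", "read"),
    (r"C:\Program Files\App\app.exe", "Administrator", "registry", r"HKLM\Software\App\Settings", "write"),
    ("/tmp/unknown", "root", "file", "/var/www/index.html", "read"),
]

def denied(events=EVENTS):
    """Return the events the policy blocks, in order."""
    return [e for e in events if decide(*e) == "deny"]

if __name__ == "__main__":
    for e in EVENTS:
        print(decide(*e), e)
```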