Not Your Father’s Perimeter Protection

1 Reply

by Michael Kupfer

The use of firewalls as a network control piece has been around for about 20 years.  In the most basic terms, a firewall sits in front of your network and blocks items coming in on certain ports to prevent intrusion into the network by people who want to gain access for malicious intent.

Over the years, the firewall industry has grown to have many players. Traditional players such as Checkpoint , Cisco, and Sonicwall (now owned by DELL) have all found this market to be a strong growth space over the past 2 decades as network traffic  has increased and compliance for organizations has become more strictly enforced.

Some recent trends in the types of intrusion have made the securing of a network both more difficult as well as more financially necessary.

Below are four major trends that make firewall usage as well as next generation firewall usage an important part of your security strategy.

  • The motivations of the intruders
    • 15 years ago the typical intruder would try to break into a network with the main goal in mind to intrude and then scream about how they did it.  An ego thing if you will all played out in what we now would call the internet but back then were “chat rooms”
    • Today attackers are not screaming anything. In fact they are quietly intruding NOT for the purpose of being able to say they accomplished it, but to slowly and quietly gain access to other systems in the network.  The purpose of which is to steal data. Client lists, Credit card information, Trade secrets, company IP.  All of which are sell able in today’s “internet world” and not even so discretely. Just check out the results when you “GOOGLE”  the term “ How to buy stolen credit cards”
PCI Compliance,PCI,stolen credit cards,firewall,next generation firewall,

There are plenty of easy to find outlets for stolen credit cards

  • The underground market for this type of information is large and the technology to penetrate networks for as much information as can be obtained is heavily invested in by these cyber-crooks.

 

  • Heftier Compliance
    • Compliance getting stricter deems that companies invest in technologies that protect client data. PCI compliance for example, states guidelines that must be followed to protect client credit cards from being accessed. With the authority to fine offenders who can’t pass audits or who are breached, as well as the ability to deny those organizations the ability to accept credit cards, the PCI Security Standards Council has a lot of leverage in making sure investments are made in data protection.
    • Company Brand Protection
      • Nothing can ruin a company faster than the loss of trust. Especially in the past 5 years there has been no shortage of companies having to deal with the financial, Public relations, marketing and legal consequences of information breaches.
      • Sony Online Entertainment, Citibank, and many others high profile names have had breaches. There are some pretty big names on a recent list of worst breaches.  Corporations are not alone,  universities such as Harvard, Stanford, Cornell , Princeton and others, are all examples of companies that have had to deal with the MULTIPLE costs associate with a breach.
      • Some brands can be ruined forever. For example, how comfortable would you be donating to a specific non-profit who had its data breached,  allowing undesirables to collect lots of data about your charitable giving as well as potential personal information?  The answer is probably not likely. That organization’s brand is forever tainted as soon as a break of data is reported on the ten o’clock news.
      • You are not to small anymore
        • Most small to med-sized companies all think “I am too small for someone to want my data” or even more often “What data do I have that others would even consider valuable?”
        • The answer to those questions are  the following: 1) You are not too small. Hackers trying to get through your perimeter find it much easier to target mid sized or even small companies because those companies more more likely easier to breach.  They do not necessarily have compliance concern that a fortune 500 company may have , nor do they typically have the budget to re0-invest as new ways of hacking become available. 2) You absolutely have data that others would want.  Do you keep your documents, drawings, designs, client credit cards, client database, marketing strategies, legal documents, corporate memos, financials, web content on tape or disk within your environment?  Would any of your competitors like to get this information? Don’t put it past a thief of corporate information make his first call to your biggest rival in the industry.

         

data breach protection bolt insurance
Via: BOLT Insurance
The motivations of the bad guys as well as compliance and the fear of brand devaluation have made data protection a top priority for organizations both large and small. The types of networks we work with today, as well as the explosion of internet use within our organizations has forced the security vendors such as the firewall vendors to constantly adapt. If you are asking yourself “What is Next generation Firewall?”  The answer is the latest adaption of the old faithful in the industry- that is there to protect our network.

More to come on NGFW in future posts.