More on Advanced Prevention in 2018

Last week, I wrote a blog describing how 2018 will be the year of advanced prevention. Now we’ve had technologies for blocking cyber-attacks and malware for decades (i.e., antivirus software, firewalls, IPS, etc.), so what exactly is advanced prevention? I believe advanced prevention sits at the intersection of two other cybersecurity trends:

  1. Software-defined security functionality. Software-defined everything makes it easier to deploy, configure, and scale security controls.
  2. Artificial intelligence. AI uses algorithms to comb through mountains of data to increase detection/blocking efficacy, provide granular risk scoring, and fine-tune decision making. 
Topics: Cybersecurity vulnerability management software-defined perimeter SDP MFA

Black Hat Impressions

Like many others in the cybersecurity community, I attended Black Hat in Las Vegas last week. Here are my thoughts on the show:

Topics: Cybersecurity Black Hat CISO home network security SDP

The Internet of Identities (IoI)

Everyone is talking about IoT these days and for good reason – there are already billions of devices connected to the global Internet and some researchers are predicting 50 billion by 2020. This alone will make CISOs' jobs more difficult, but security executives face many other associated challenges as well:

Topics: Cybersecurity IoT identity and access management micro-segmentation SDP Internet of Identities

Are Next-generation Firewalls Legacy Technology?

A few years ago, next-generation firewalls (NGFWs) came out of nowhere to become a network security staple. These devices combined traditional L3/L4 packet filtering with deep packet inspection, IPS, and other network security services along with knowledge about users and applications. This broad functionality packaging changed the network security paradigm – everyone needed, or at least wanted, an NGFW at the perimeter or within the internal network.

Topics: Network Security Cybersecurity Firewall SDP

Goodbye NAC, Hello Software-defined Perimeter (SDP)

Those of use who’ve been around security technology for a while will remember the prodigious rise of network access control (NAC) around 2006. Now the ideas around NAC had been around for several years beforehand, but 2006 gave us Cisco’s network admission control (a.k.a. Cisco NAC), Microsoft’s network access protection (NAP), and then a whole bunch of venture-backed NAC startups (ConSentry, Lockdown Networks, Mirage Networks, etc.).

Topics: Network Security Cybersecurity NAC SDP