More on Advanced Prevention in 2018

Last week, I wrote a blog describing how 2018 will be the year of advanced prevention. Now we’ve had technologies for blocking cyber-attacks and malware for decades (i.e., antivirus software, firewalls, IPS, etc.), so what exactly is advanced prevention? I believe advanced prevention sits at the intersection of two other cybersecurity trends:

  1. Software-defined security functionality. Software-defined everything makes it easier to deploy, configure, and scale security controls.
  2. Artificial intelligence. AI uses algorithms to comb through mountains of data to increase detection/blocking efficacy, provide granular risk scoring, and fine-tune decision making. 
Topics: Cybersecurity vulnerability management software-defined perimeter SDP MFA

Software-defined perimeter (SDP) essentials

I’ve written about SDPs a few times, as I think this model is a strong fit for today’s IT cocktail made of mobile applications, public cloud infrastructure, and pervasive security threats.

Just what is an SDP anyway? The model is really based upon the “black cloud” concept coming out of the Defense Information Systems Agency (DISA) where network access and connections are allowed on a “need-to-know” basis.  Similarly, the Cloud Security Alliance (CSA) refers to SDPs as “on-demand, dynamically-provisioned, air gapped networks.”

Topics: Network Security Cybersecurity google software-defined perimeter

Learning about SDP via Google BeyondCorp

I’ve been following Google’s BeyondCorp project for a while. In fact, I was recently quoted in a Wall Street Journal blog on this topic.

If you are not familiar with BeyondCorp, it's Google’s spin on what’s become known as a software-defined perimeter (SDP).  SDP, also called a “black cloud”, originated at the Defense Information Systems Agency (DISA) and is now being driven by the Cloud Security Alliance (CSA).

Topics: Cybersecurity google software-defined perimeter