Software-defined Perimeter (SDP):  Important Initiative, Ineffective Name

For the past year or so, I’ve made the following statement, "No one has an SDP budget, but everyone has an SDP requirement."

Topics: Cybersecurity google NAC software-defined perimeter BeyondCorp

ESG at RSA: Identity, No Passwords, and Email Security (Video)

In this video, ESG analysts Mark Bowker and Jon Oltsik run through some of the top topics they will be tuning into at RSA Conference 2018. Mark and Jon home in on how identity has become the control plane and how the software-defined perimeter is impacting the CISO's decision making process and future investments. 

Topics: Cybersecurity identity and access management RSA Security Conference software-defined perimeter

More on Advanced Prevention in 2018

Last week, I wrote a blog describing how 2018 will be the year of advanced prevention. Now we’ve had technologies for blocking cyber-attacks and malware for decades (i.e., antivirus software, firewalls, IPS, etc.), so what exactly is advanced prevention? I believe advanced prevention sits at the intersection of two other cybersecurity trends:

  1. Software-defined security functionality. Software-defined everything makes it easier to deploy, configure, and scale security controls.
  2. Artificial intelligence. AI uses algorithms to comb through mountains of data to increase detection/blocking efficacy, provide granular risk scoring, and fine-tune decision making. 
Topics: Cybersecurity vulnerability management software-defined perimeter SDP MFA

Software-defined perimeter (SDP) essentials

I’ve written about SDPs a few times, as I think this model is a strong fit for today’s IT cocktail made of mobile applications, public cloud infrastructure, and pervasive security threats.

Just what is an SDP anyway? The model is really based upon the “black cloud” concept coming out of the Defense Information Systems Agency (DISA) where network access and connections are allowed on a “need-to-know” basis.  Similarly, the Cloud Security Alliance (CSA) refers to SDPs as “on-demand, dynamically-provisioned, air gapped networks.”

Topics: Network Security Cybersecurity google software-defined perimeter

Learning about SDP via Google BeyondCorp

I’ve been following Google’s BeyondCorp project for a while. In fact, I was recently quoted in a Wall Street Journal blog on this topic.

If you are not familiar with BeyondCorp, it's Google’s spin on what’s become known as a software-defined perimeter (SDP).  SDP, also called a “black cloud”, originated at the Defense Information Systems Agency (DISA) and is now being driven by the Cloud Security Alliance (CSA).

Topics: Cybersecurity google software-defined perimeter