Guest blog by David Spark, Spark Media Solutions
“We’ve talked about the architecture like walls. We’ve always tried to be like castles and moats. And I don’t care how big you build the wall. I don’t care how wide that moat is. I don’t care if it’s on fire with flame retardant crocodiles. It’s just not going to work anymore, because they’re (the hackers) paratrooping in,” said Jayson E. Street (@jaysonstreet), Infosec Ranger, Pwnie Express, in our conversation at the 2016 RSA Conference in San Francisco.
We need to worry about creating a submarine-like infrastructure, explained Street, who pointed out that submarines are built on the assumption that they will be ‘breached’ (take hits). A hit floods one compartment, but that compartment can be sealed off and repaired, allowing the rest of the submarine to survive.
That’s how we have to build our networks, advised Street. If there is a breach in one section, it can be isolated and managed, preventing the whole company from toppling down.
“We can’t live in a world where we’re stopping breaches anymore. It’s so hard to stop a breach,” added Street.
Preventing breaches is not going to be the new standard, said Street. Instead, the new standard will be your ability to detect, respond, and contain a breach.
With regard to containing, Street made the point that your developers never need access to what your people in accounting or in HR are doing, so their systems should not be able to reach each other on the network. Segment based on job roles and departments, so that a compromised host in one department cannot be used as a stepping stone into another.
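To make the containment argument concrete, here is an added example (not code from the post or from Street) that models role-based segments as a default-deny allow list and then measures the "blast radius" an attacker gets from one compromised segment. The segment names, ports and rules are constructed for illustration; the point is the comparison between a flat "castle and moat" network and a segmented one.

```python
from collections import deque

# Constructed example: one network segment per department/role.
SEGMENTS = {"dev", "hr", "finance", "shared-services", "internet"}

# Constructed allow list: (source segment, destination segment, port).
# A port of "*" means any port.  Anything not listed is denied, so dev
# has no path to hr or finance at all, only to the services its job needs.
ALLOW_RULES = [
    ("dev", "shared-services", 443),      # source control, CI, package mirror
    ("hr", "shared-services", 443),
    ("finance", "shared-services", 443),
    ("dev", "internet", 443),
    ("hr", "internet", 443),
    ("finance", "internet", 443),
]


def is_allowed(rules, src, dst, port):
    """Default-deny: a flow is permitted only if an explicit rule matches.

    Traffic that stays inside one segment is not filtered by the segment
    boundary, so it is always allowed here.
    """
    if src == dst:
        return True
    return any(r_src == src and r_dst == dst and r_port in ("*", port)
               for r_src, r_dst, r_port in rules)


def blast_radius(rules, segments, compromised):
    """Segments an attacker who owns `compromised` can reach, directly or by
    hopping through other segments, using only the allowed flows.

    This is a breadth-first search over the allow list: each rule is an edge
    from its source segment to its destination segment.
    """
    seen = {compromised}
    queue = deque([compromised])
    while queue:
        current = queue.popleft()
        for r_src, r_dst, _port in rules:
            if r_src == current and r_dst in segments and r_dst not in seen:
                seen.add(r_dst)
                queue.append(r_dst)
    return seen


def flat_network(segments):
    """The 'castle and moat' model: once inside, everything can talk to
    everything on any port.  Returned in the same rule shape as ALLOW_RULES."""
    return [(s, d, "*") for s in segments for d in segments if s != d]


if __name__ == "__main__":
    flat = flat_network(SEGMENTS)
    print("dev -> hr:445 (flat):     ", is_allowed(flat, "dev", "hr", 445))
    print("dev -> hr:445 (segmented):", is_allowed(ALLOW_RULES, "dev", "hr", 445))
    print("blast radius from dev (flat):     ", sorted(blast_radius(flat, SEGMENTS, "dev")))
    print("blast radius from dev (segmented):", sorted(blast_radius(ALLOW_RULES, SEGMENTS, "dev")))
```

In the flat network a single compromised developer workstation reaches every segment; with the role-based allow list the same compromise is contained to the developer segment plus the shared services it legitimately needs, which is the compartment that has to be sealed and repaired while the rest of the company keeps running. Re-running `blast_radius` whenever the allow list changes is a cheap check that a new "temporary" rule has not quietly reconnected two departments.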