The security industry was rocked recently when it was reported that EMC’s RSA security division had been hacked and data about its critical security technology stolen. Last Friday RSA provided more details and an explanation of its SecurID® breach in a blog posting on its website.
We agree with RSA that a new defense doctrine, one that does not rely on Layer 3 perimeter and endpoint security, will be necessary to defend against future attacks like this latest targeted attack at RSA. The truth is, large organizations cannot prevent one or two employees from inadvertently opening a malicious attachment; in RSA’s case, this was a simple phishing attack designed to disguise a more nefarious APT attack. As with Stuxnet, RSA’s hackers used a simple way to get in, and the reality is that large organizations have to assume the bad guys are already inside. In order to protect their mission-critical digital assets (such as the secret sauce of RSA’s SecurID®), they need to deploy multi-protocol Layer 7 application firewalls. This is the cleanest way to protect important applications without deploying company-wide authorization, which is very difficult and costly to accomplish.
Enterprise security is fast becoming a fiduciary duty for boards of directors and CEOs, as Oracle President Mark Hurd recently pointed out. As important as this might be to shareholders, companies also have a duty and a responsibility to our fellow citizens. As we confront the increasingly sophisticated nature of these APT-style attacks (and others), any network run by an industrial enterprise is no longer just a corporate asset, but also a focus of national security.
We pointed to an article last week which described a hypothetical future scenario in which the US was fully engaged in a cyber war against another country. Many of the hypothetical “fields of battle” had nothing to do with our military infrastructure (which we know to be highly secure), focusing instead on areas within the public sector over which the military has no security control. It is these unclassified networks, which comprise the bulk of all industrial and business communications, that are tremendously vulnerable if attacked in a systematic way.
Our challenge in the weeks and months to come will be to secure these non-classified communications and data systems in America’s industrial and financial companies specifically to avoid disruption at times of an adversary’s choosing. We here at Bayshore Networks believe that deploying our multi-protocol Layer 7 application firewalls will make that possible.