The Constant Evolution of Security Threats and the Need for a Paradigm Shift (By Ramyan Selvam, Juniper Networks)

Upending the traditional perspective on security is just the beginning …

At a time when the cloud is proving so crucial, the network is emerging as more important than ever. Unfortunately, its opportunities for free access underlie cyberattacks. This scourge, spurred on by the mobile technology boom, has become one of the most serious risks that companies face. It is now essential to secure each point of access to the network, both inside and outside the company. In other words, trust no longer has a place in today’s world.

According to a Robert Half study, 79% of French companies authorise their employees to access company data from their personal devices. As the « bring your own device » (BYOD) approach is gaining ground, threats can come from any employee whose personal computer is compromised. It is enough to think for a moment about recent high-profile hacking incidents, such as the Yahoo case, or about individuals and small companies that are victims of the wave of online extortion, including the recent example of an SME in Ille-et-Vilaine, which was hacked and forced to pay a ransom to recover access to its data.

In addition, many networks rely on outdated architecture and, rather than establish more secure conditions, adopt the traditional layered defence approach, which consists of using ever more security solutions at multiple levels. However, this approach only horrendously complicates the situation, without providing satisfactory protection. This is the worst nightmare of any network administrator.

Abandoning the traditional castle model in favour of using each network resource

The traditional castle model consists of securing the perimeter and endpoints of the network by erecting « barricades. » The best way to counter increasingly complex threats across the network is the polar opposite of this obsolete state of mind: the network must now be taught to protect itself.

In starting with core infrastructure and embracing the cloud, each network element can become an automated active security element and a control point. Using software-defined infrastructure, security measures (physical and virtual) can be rolled out across the company and its cloud resources. Security is thus omnipresent, easy to manage and much more efficient.

The combination of information from the network and of real-time threats information flows from the cloud can provide the collaborative component required to identify and contain threats (both inside and outside the organisation). Moreover, using functions of orchestration and automation or software-defined networking technology, it allows all network resources to contribute to security, whereas in the past, only the firewall played this role. In this new smart security ecosystem, the implementation of security policies becomes dynamic, network protection is done in real time and each network element becomes a gear in the detection and implementation of security countermeasures.