Time for a New Security Model
Today’s threat landscape is nothing like that of just 10 years ago. Simple attacks that caused containable damage have given way to modern cybercrime operations that are sophisticated, well-funded, and capable of causing major disruptions to organizations and the national infrastructure. Not only are these advanced attacks difficult to detect, but they also remain in networks for long periods of time and amass network resources to launch attacks elsewhere.
Traditional defenses that rely exclusively on detection and blocking for protection are no longer adequate. It’s time for a new security model that addresses the full attack continuum—before, during, and after an attack.
The Industrialization of Hacking
The first PC viruses appeared more than 25 years ago. Little did we realize that they were just the beginning of what would evolve into the industrialization of hacking. For nearly 10 years, viruses endured as the primary method of attack, and over time they were largely matched by
defenders’ ability to block and protect against them. Motivated by the notoriety and the knowledge gained by the discovery and publicizing of new vulnerabilities, attackers continued to innovate. What ensued were distinct threat cycles, an “arms race,” so to speak. Approximately every five years attackers would launch new types of threats—from macroviruses to worms to spyware and rootkits—and defenders would quickly innovate to protect networks