Conference Coverage

RSA Conference 2015 special coverage: News, analysis and video

Reporting and analysis from IT events
Manage Learn to apply best practices and optimize your operations.

Haven't suffered a network security breach recently? Think again

The news is constantly littered with stories of organizations suffering a network security breach, so it's easy to forget about the companies that remain safe. However, Eric Cole, founder of Secure Anchor Consulting and faculty senior fellow with the SANS Institute, says an unhacked network doesn't exist.

"In today's day and age with the current adversary we're up against, if you have computers, electricity, network connections and users, you are being targeted and you are being compromised," Cole argued. "The adversary is stealthy and traditional security measures are not going to detect them. So many organizations are just assuming that because their security devices -- legacy devices like firewalls and IDS -- are not alerting, that means they're safe."

In this interview, recorded at the 2015 RSA Conference in San Francisco, Cole sat down with Eric Parizo to discuss the state of network security and painted a bleak picture about it.

"It sounds bad," said Cole, "but if you compare it to real life, it's no different than the human body. There is no such thing as a person that's 100% healthy. … If anybody came up to you and said they are 100% healthy, you would laugh at them because it's naive. So if anyone says they're 100% secure, it's the same naivety that would exist there."

Cole also addressed what he thinks is the most important part of simplifying rapid network compromise detection.

"To me the most powerful word for companies today, to really control and minimize damage if you're not detecting, is descoping. Descope the problem set. Don't try to secure a large network; try to secure many small networks and then set up secure boundaries."

View All Videos

Conference Coverage

RSA Conference 2015 special coverage: News, analysis and video

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Do you consider any network to be 100% secure? Why or why not?
Cancel
there is no 100 $ security

Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close