RSA Conference 2015 special coverage: News, analysis and video
Reporting and analysis from IT events
The news is constantly littered with stories of organizations suffering a network security breach, so it's easy to forget about the companies that remain safe. However, Eric Cole, founder of Secure Anchor Consulting and faculty senior fellow with the SANS Institute, says an unhacked network doesn't exist.
"In today's day and age with the current adversary we're up against, if you have computers, electricity, network connections and users, you are being targeted and you are being compromised," Cole argued. "The adversary is stealthy and traditional security measures are not going to detect them. So many organizations are just assuming that because their security devices -- legacy devices like firewalls and IDS -- are not alerting, that means they're safe."
"It sounds bad," said Cole, "but if you compare it to real life, it's no different than the human body. There is no such thing as a person that's 100% healthy. … If anybody came up to you and said they are 100% healthy, you would laugh at them because it's naive. So if anyone says they're 100% secure, it's the same naivety that would exist there."
Cole also addressed what he thinks is the most important part of simplifying rapid network compromise detection.
"To me the most powerful word for companies today, to really control and minimize damage if you're not detecting, is descoping. Descope the problem set. Don't try to secure a large network; try to secure many small networks and then set up secure boundaries."