This content is part of the Essential Guide: Essential Guide to dealing with a data breach
Manage Learn to apply best practices and optimize your operations.

Haven't suffered a network security breach recently? Think again

The news is constantly littered with stories of organizations suffering a network security breach, so it's easy to forget about the companies that remain safe. However, Eric Cole, founder of Secure Anchor Consulting and faculty senior fellow with the SANS Institute, says an unhacked network doesn't exist.

"In today's day and age with the current adversary we're up against, if you have computers, electricity, network connections and users, you are being targeted and you are being compromised," Cole argued. "The adversary is stealthy and traditional security measures are not going to detect them. So many organizations are just assuming that because their security devices -- legacy devices like firewalls and IDS -- are not alerting, that means they're safe."

In this interview, recorded at the 2015 RSA Conference in San Francisco, Cole sat down with Eric Parizo to discuss the state of network security and painted a bleak picture about it.

"It sounds bad," said Cole, "but if you compare it to real life, it's no different than the human body. There is no such thing as a person that's 100% healthy. … If anybody came up to you and said they are 100% healthy, you would laugh at them because it's naive. So if anyone says they're 100% secure, it's the same naivety that would exist there."

Cole also addressed what he thinks is the most important part of simplifying rapid network compromise detection.

"To me the most powerful word for companies today, to really control and minimize damage if you're not detecting, is descoping. Descope the problem set. Don't try to secure a large network; try to secure many small networks and then set up secure boundaries."

View All Videos

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Do you consider any network to be 100% secure? Why or why not?
there is no 100 $ security

There is absolutely no way to be 100% secure, that is a fantasy, all you can do is keep your information constantly monitored or that sort of thing. If you think you’re 100% percent protected, then you’re not very savvy with tech