November 07, 2002

The Perimeter is Dead

Defending a perimeter or boundary of any type is expensive and often a poor allocation of resources. In the physical world it occasionally makes sense to defend a perimeter; in the digital world, perimeter defense is a tough place to get a return on investment. Here are several examples and relevant bits of data...

1. The first goal of an external attacker is to obtain the privileges of an insider. Check out Honeynet.org for more.

2. Depending on which survey you examine (FBI/CSI, IDC, Gartner, Meta, etc.) roughly 70% of all major intrusions are committed by an insider. (See Computer Associate's "Rose in Benefits" campaign.)

3. Lumeta, the network mapping company, estimates their average customer (think BIG corporations) knows where 70% of their network goes. If you don't know where that other 30% is - how can you possibly defend it?

4. The big technology news in Panama this week comes from an attempt to block telephone calls that travel over the Internet instead of the traditional voice network (VoIP vs. POTS at C&W Panama; the Slashdot bookies have 2:1 odds on VoIP) - check out the Politech post from Cisco.

5. As for #4 - digital music, IM chat over port 80, and wireless LANs everywhere simply prove that technology beats law in almost every case.

Posted by Abner on November 7, 2002 03:56 PM