Just in the same way as the inventions of gunpowder and then artillery made castle walls obsolete, the traditional enterprise firewall perimeter is also now failing to keep suitably motivated attackers out of corporate Data Centres. If an attacker is suitably motivated, then they are already on your internal network.
Historically, some 80% of IT Security investment has gone into the security perimeter, with perhaps some Anti Virus and Data Loss Prevention internally and arguably considered as belt and braces to the 'impenetrable' nature of the externally facing security infrastructure. However, with Advanced Persistent Threats residing on corporate networks for circa 240 days before detection and firewall rulesets along with AV/DLP signatures being updated, additional measures are required within the Data Centre itself.
Given what Ballintrae see in its client engagements, the tide is turning and investment focus is steadily coming round to the need to rely less on the perimeter and substantially bolster internal protection, detection and remediation systems.
The perimeter infrastructure still has its place but the historic approach of building ever higher walls and under-investing in internal security are now as obsolete an approach as relying on the stone walls of yesteryear.
If you'd like to know where Ballintrae believe you should focus your internal security investments, then please Contact Us and we would be delighted to talk you through our thinking and that of our Security Forum members.