A New FireEye Report and Albert Einstein's Perspective

May, 21, 2014 Franklyn Jones

A New FireEye Report and Albert Einstein's Perspective FireEye just published another good report on what is REALLY happening in corporate networks today. It's based on network data captured by FireEye appliances during product testing by customers in 1,216 organizations around the world. You can download the report here:

http://www2.fireeye.com/rs/fireye/images/fireeye-real-world-assessment.pdf

The core message of the report is that multi-layer, defense-in-depth security architectures are increasingly ineffective. As proof of that, the data collected revealed that 97% of all these organizations had been breached – despite having Firewalls, IPS, and Secure Web Gateways in place to detect and block advanced targeted attacks. The bulk of the report goes into more detail on the complexity of these attacks and how they are able to evade so many layers of detection technologies.

So now what? How do we solve this problem? Do we add more and more layers of detection technologies, hoping that eventually Layer 23 in your security architecture will identify and stop the attack? Albert Einstein once said that the definition of insanity is "doing the same thing over and over again and expecting different results." That's pretty much what we've been doing with all these detection technologies.

So maybe the better question is, when will this insanity end? Rather than trying (and failing) to detect what is good and what is bad, why not just assume everything from the Internet is bad, then isolate it all within a secure container? For example, isolation technology can be deployed outside the network in the DMZ using a secure container (not just a sandbox) for all web content requested by end users. This isolated web content can then be transformed and delivered to users inside the network as a malware-free stream of video, audio, and images.

Spikes Security has done just that, come up with a different, innovative new approach to eliminating browser-borne cyber attacks — a change of strategy which reminds us of another quote from Albert Einstein: "Any intelligent fool can make things bigger and more complex. It takes a touch of genius - and a lot of courage - to move in the opposite direction."

Franklyn Jones, CMO, Spikes Security

Keep informed.