Perimeter defense is flawed in nature. Much like a conventional stone, brick or steel walls, perimeter defense systems will always have a way over, under, around or through that can be exploited. No matter how big and tall, thick and wide, or flashy and expensive, the perimeter defense is going to be breached. As stated in the name, perimeter defense is meant to serve as the first line of defense, not as the singular layer of security.
Companies like JP Morgan, who were hacked back in the summer of 2014, have begun to learn this fact hard way. Over the course of a few months, 83 million household and small business account information was stolen from JP Morgan because a singular server was not configured to have its second factor authentication(2FA) enabled.
With over $250 million spent in computer security a year, JP Morgan was still breached.
Likewise, intruder detection, while great on paper, often leads to less than desireable results. The problem with intruder detection is that it doesn’t prevent an attacker from stealing information, it just lets someone know that there has been an attack. There is opportunity to trace the attack, but that unfortunately will most likely lead to Bob’s computer that was taken over by an attacker because Bob wanted to watch that cute cat video embedded with malware. Not to say that intruder detection is worthless, because that is far from the truth. Intruder detection is a great addition to a systems layers of security, but should not be what one relies on as for the supreme security of their data.
The prevailing catchphrase of the cyber security industry is, “It’s not IF you get hacked, it’s WHEN you get hacked.” However, there seems to be a bad case of cognitive dissonance where people are believing that if the walls keep getting bigger or if the detection gets faster that attacks will stop. The reality is that the approach to cybersecurity needs to change. Perimeter defense and intruder detection are great features, but there needs to be a better product to safely secure information.