This sounds exactly like what I wrote here and here.
However, this quote isn’t mine. It comes from Deborah Plunkett, who heads the US National Security Agency’s Information Assurance Directorate.
Deborah is quoted in this article on Reuters:
“The most sophisticated adversaries are going to go unnoticed on our networks. We have to build our systems on the assumption that adversaries will get in,”
“We have to, again, assume that all the components of our system are not safe, and make sure we’re adjusting accordingly.”
The NSA must constantly fine-tune its approach, she said, adding that there was no such thing as a “static state of security.”
Yup, I agree. That’s exactly the line of research I’ve been pursuing over the past several years with “adaptive security infrastructure”. I have published several research notes and presentations on how to change the mindset of information security to address these challenges. Virtualization of security controls is one way that information security can adapt more easily to address changing threats, but there are many others. For example, securing private clouds will require significant changes in security infrastructure as well.
Assume you are compromised today in a way that is undetectable by traditional network and host-based IPS and antimalware solutions. How would you know?
I hosted a panel on Advanced Persistent Threats at the US 2011 RSA conference and another APT summit in Washington DC a few weeks ago. The consensus is that you are compromised; you just don’t know it. It’s time to start designing information protection systems that work in spite of compromise.
It sounds counterintuitive, but think about this: it is reported that there are more bacteria in the human body than legitimate cells. Yet, we are able to carry on with useful and productive work. Why can’t our organizations?
Neil MacDonald