History and future of network security

Network security became a topic as soon as people started realizing that there was intrinsic value in data. This happened in a series of events as the Information and Digital Age unfolded in the second half of the 20th century.

In the late 1960s and into the early 1970s, digital storage became a reality. Large, room-sized mainframes were responsible for storing this information, and access to those storage repositories was granted by plugging directly into the mainframe itself or accessing the mainframe’s data from one of many terminals inside the building. Early adopters of digital storage technology didn’t have a problem protecting company-sensitive information, as you actually had to be inside the building to get to the information.

Less than a decade later, as more and more data was stored, there was a shift in thinking: data had value and included large helpings of personally identifiable information. During this shift, information started becoming a commodity. Credit card data, bank account numbers, profit and loss statements, personal details, demographic information on large population groups… This proliferation of digital data brought with it the unprecedented risk of the most sensitive information ending up in the hands of the wrong people.

The introduction of online access and the Internet exacerbated this risk. Not only did companies have large amounts of personal information on employees and customers, they also started sharing, selling, and repackaging this data.

The genesis of cybercrime and the modern approach to protection came about as a result of data becoming a commodity. Anything with value can be bought, sold, and most importantly, stolen. Companies now had to face the new reality that their sensitive information needed to be kept safe from cybercriminals.

Security as a fortress

The modern approach to defend against cyberattacks and threats is to have as many layers as it takes to keep the cybercriminal from getting at your most important and sensitive information. This is not unlike how medieval fortresses were constructed; the farmlands would be on the very outside and multiple layers of walls would deter the enemy, with the very most important possessions and nobility behind the last wall.

This layered strategy, also referred to as defence in depth, exists for businesses as well. Large enterprise organizations often have an extensive combination of firewalls, content inspection appliances, endpoint antivirus, proxy servers, and IAM systems in play protecting dozens or hundreds of private companies. Each of these represents a layer that must be beaten, often prior to encountering the next layer. Make it past the firewall and there might be an Intrusion Prevention System waiting behind that to stop the malicious code from executing. There could be other content inspection processes waiting behind that as well, such as an Intrusion Detection System.

In contrast to a brick-and-mortar fortress, there are constant, internal threats to a company. Employees take laptops home and work as if in the office. People bring their mobile devices to work and connect to the guest or private network. Each of these two actions could bring an active malware infection into the company. At that point, DNS-level protection in the form of a firewall or secure web gateway would need to prevent malicious code from downloading or executing.

Modernizing the technology stack

In the modern stack, organizations that handle very sensitive information have compliance standards that must be met. These standards stipulate that a minimum level of protection must be applied. These standards are nearly 100% reliant on the technology stack, which is designed to keep criminals from breaching your defenses. IT security can be strengthened by assessing a company’s attack surface, prioritizing the most impactful risks, and finding solutions using a combination of tools and processes. Therefore, risk assessment is a powerful first step in defining the proper strategy.

After proper assessments have been made, administrators then select the fewest tools and processes possible to solve all of their high-priority challenges. These include threat intelligence and prevention tools that help a modern administrator manage the IT stack and activity. Among these tools are:

  • Intrusion Detection Systems (IDS), which scan and alert when unauthorized access or threats have been detected
  • Intrusion Prevention Systems (IPS), which scan for malicious traffic that has made it behind the firewall
  • Endpoint protection products such as antivirus or email protection software
  • Security Information and Event Management (SIEM) tools that allow IT administrators to configure specific alerts attached to specific actions, thus increasing their visibility into the stack
  • Network Access Control tools, which enhance an administrator’s visibility with policy governance, user governance, and automated reactions to common intrusion attempts
  • Cloud Security tools to remotely manage devices, data, and networks from a central location
  • Physical and Digital Access Control tools, which only allow authorized people or devices access to company property, networks, or information