Former NSA Deputy Director Chris Inglis on the Technology of Combating Cyber ThreatsPart 2 in the 4 part series
Traditional security tools have focused on abstractions such as perimeters and endpoints, representations of things that don't really exist in today's interconnected ecosystem. They were not designed to protect the data we're actually trying to keep out of the hands of attackers. These tools have been marginally effective at defending against yesterday's attacks, those we already know are in the environment.
"If you're lucky, someone else experiences the attack first. If you're smart, you prepare for the first time it happens to you," says Inglis. "We cannot respond at the speed of yesterday. We need to understand what is happening today."
Inglis advocates for an industry-wide shift from security measures that focus on abstractions, to a renewed focus on data and behavior that is applied against that data.
"You need to have the analytics that actually understand data and behavior, and you need to do it in real time," argues Inglis. "A proactive defense focuses on anomalous behavior."