Evolving threats: how to defend the borderless enterprise

New business and IT trends are causing serious disruptions in how we approach information security. With corporate identities under siege, a single successful login is no longer a sufficient way to attain trust.

In the past there was a defined perimeter around important information; today that perimeter is virtually non-existent.

Cloud, workforce mobility, BYOD and Software-as-a-Service (SaaS) platforms have dissolved the traditional boundaries and multiplied the potential points of breach that IT departments have to account for when securing assets they don't own or operate.

Defending the enterprise

A different type of defence must be implemented to adapt to this new normal and secure a borderless enterprise from an ever-changing threat landscape.

More specifically, as an organisation's employees become the front line of cyber attacks, IT departments today need a system of identity and access management (IAM) that is more dynamic, agile, intelligent and risk-aware: in short, adaptive IAM.

Whereas traditional IAM approaches guarded stationary perimeters around data largely in one, centralised location, adaptive IAM creates a dynamic "situational perimeter" that patrols and safeguards against attacks by enforcing security wherever users interact with corporate data and resources – not only across various devices and platforms, but throughout the entire process of interaction.

Multi-vector attacks

Today's advanced threats and multi-vector attacks (the different ways in which employees can be targeted, e.g. through malicious emails, accessing wireless networks on smartphones, chatting on social networking sites, etc.) can strike at any moment during the user experience, and many of today's IAM solutions are too primitive to spot suspicious behaviour.

IAM systems today assume that users providing correct credentials at first log-in can be trusted, but the fact is that establishing trust cannot just be a one-time thing.

While convenience must be placed at the centre of operations, users are acclimatising to the idea of signing in to multiple websites using online "passports", such as their Facebook ID, Google sign-in or Microsoft account.

It's just a matter of time before people expect similar or even greater levels of integration when signing into corporate IT services.

The Basic Principles

So how do we achieve this new level of responsive, adaptive, intelligent security? The concept rests on four basic principles:

  1. Creating rich user profiles drawn from many attributes that can independently corroborate the trustworthiness of users and their activities in real-time against a historical baseline, with significant deviations from "normal" behaviour signalling security problems.
  2. Providing intelligence through big data analytics that can assess risk, detect problems and interrupt users attempting unsafe activities.
  3. Monitoring and risk-based intervention should be implemented to keep track of what users do after initial authentication, and adjust access controls to measured risk levels.
  4. Consumer-level convenience must always be top of mind, meaning identity controls and risk assessments must occur behind the scenes, intruding upon corporate end users only when necessary.

While these principles are fairly straightforward, the path to adaptive IAM will not necessarily be a quick or easy one. Companies must rethink how they approach security to take into account the way their employees are interacting with company data.

Employees are no longer accessing information on one central server from a PC; they are interacting with it at home, on the go and from a pool of devices that grows every day.

In reality, we are likely a few years from this IAM ideal, but progress is being made and more importantly, the charge has been set forth. IAM solutions must adapt as fast as the rapidly changing threat scenarios they protect against.

By implementing an IAM solution that is adaptable, intelligent and dynamic, we can establish effective, situational perimeters around the borderless enterprise and arm ourselves for the front lines of today's cyber security battle.

  • Sam Curry is Chief Technology Officer, Identity and Data Protection business unit and Chief Technologist for RSA.
Sam Curry

Global VP & CISO in Residence at Zscaler.
