Have we put too much emphasis on protecting the network?

2021-02-15 06:30

Recently, much of the cybersecurity commentary and blogs have talked about new approaches for protecting the network, especially beyond the perimeter.

The trend is for our discussions to take on a verbal shorthand and presume that everyone understands what we mean when we talk about protecting the network, beyond the perimeter.

Like a utility, we expect it to be available as needed, and while it should be maintained and yes, even protected, our shorthand of protecting the network has obfuscated the real targets of what we should be protecting and the controls for providing that protection.

We should throttle back the shorthand phrase of protecting the network and actually talk about protecting the application, data, and resources that we rely on in today's environment of information technology.

Critics will take a reductio ad absurdum approach and argue that not protecting the network is ruinous.

Rather than talk about protecting the network, we should talk about identifying, managing, monitoring, and controlling access to our IT assets and data as the priority, and protecting and managing the network as protecting the infrastructure - critical as it may be.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/AyMHCHJw7xc/