
Got the NAC


December 2008

December 20, 2008

Don't Just Let them On

In the wake of the second out-of-band patch in two months (and during the holiday shopping season no less), I'm reminded of two NAC truisms.  The first is that, whatever your general view of patch checking in the NAC cycle, there are times when you absolutely need to check for the presence of a specific KB patch.  The second is that relying solely on IPS technologies for post-admission protection is foolish.

Don't get me wrong. There remains an obvious place for IPS (though UTM seems a better fit), including a place in the NAC lifecycle. However, as most data-stealing exploits indicate, there are times when you simply need to remove network access for an endpoint. In these times, and especially at this time, allowing an endpoint infected with a data-stealing trojan onto the network under the premise that the "bad traffic" can be dropped remains the very last choice you'd want to make.

December 09, 2008

Economical With The Truth

I once interviewed a guy from Scotland and asked him what he thought of the movie Braveheart.  He said (in a thick Scottish accent), "It was a very good movie, but a bit economical with the truth."  I love that phrase.  It has nothing to do with the topic of the day, but every time I hear anything about the economy or the word economic or economical I think of that phrase.  Needless to say, it's getting too much air time in my head these days.  Which brings us to the economic downturn and why I'm writing about it.

This really shouldn't surprise any of us. I've been speaking and writing about the dissolving network perimeter for some time now, but as a natural evolution of corporate/organizational networks. I recently highlighted the October SC Magazine cover story, The New Perimeter, which includes customers and analysts validating the assertion. Well, the economic downturn isn't helping; in fact it is accelerating the evaporation of the perimeter. And the absence of a nice big wall around the network is lending itself to an increase in attacks from the network interior. Dark Reading recently published two articles, one on insider threats and one on cyber crime, and how both are getting higher poll numbers in the current economic conditions.

I am completely against fear mongering to get people to buy security products they don't need, but I think there's a genuine issue here that needs to be addressed. I truly believe that organizations who don't prepare themselves for a measurable increase in network breaches over the coming months (if not years) and financial losses due to those breaches will pay the price.


Think about it. On top of the disgruntled employees and the increase in phishing attack success due to financial institution failures (and phishers preying upon an increasingly concerned & confused public), there is a more concerning trend. That trend is the fluidity of network boundaries and the prevailing transience of the people and devices accessing the networks. With budget crunches in effect or looming, more organizations are outsourcing, experiencing higher employee turnover rates, hiring temporary employees, and in general relying more on contract resources. This means more people and more unmanaged devices coming and going from corporate networks than ever before. The dissolving perimeter trend that has continued at a regular pace is about to take a sharp turn upwards.


I don't think anyone needs to panic, but saying that there is no issue to be addressed would be a bit economical with the truth. If you don't have a serious plan to control who can do what on your network, it's time to think long and hard about it.



December 04, 2008

MS08-067 Botnet

If you haven't already, it's time to get serious about applying the patch for MS08-067, and quarantining Windows endpoints that don't have the patch. Dark Reading has an article reporting that a botnet based on the Windows Server Service vulnerability has grown to 500,000+. As noted in the Dark Reading article, Microsoft security researchers have also noted a recent increase in attacks targeting this vulnerability.

Let's be careful out there.
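
The posture check this post and the December 20 post call for (verify one specific KB patch, quarantine Windows endpoints that lack it), sketched as an added example that is not the author's code or any NAC product's API. The KB id is a placeholder because the post names the bulletin but not its KB article number; the report fields, host names and hotfix listings are constructed assumptions.

```python
import re

# Placeholder id: the post names bulletin MS08-067 but not its KB article number.
REQUIRED_KB = "KB0000000"
# Match whole KB ids only, so a longer id that merely starts with the
# required digits (KB00000001) is never mistaken for the required patch.
KB_ID = re.compile(r"\bKB\d+\b", re.IGNORECASE)

def installed_kbs(inventory_text):
    """Return the set of whole KB ids found in a hotfix inventory listing."""
    return {kb.upper() for kb in KB_ID.findall(inventory_text)}

def admission_decision(endpoint, required_kb=REQUIRED_KB):
    """Return (action, reason) for one posture report; fails closed."""
    os_name = (endpoint.get("os") or "").lower()
    if not os_name:
        return "quarantine", "operating system not reported"
    if not os_name.startswith("windows"):
        return "admit", "KB check applies to Windows endpoints only"
    inventory = endpoint.get("hotfixes")
    if inventory is None:
        return "quarantine", "no hotfix inventory reported"
    if required_kb.upper() in installed_kbs(inventory):
        return "admit", required_kb + " present"
    return "quarantine", required_kb + " missing"

# Constructed posture reports (hypothetical hosts and hotfix listings).
SAMPLE_ENDPOINTS = [
    {"host": "ws-014", "os": "Windows XP SP3",
     "hotfixes": "Security Update  KB0000000  12/5/2008\nUpdate  KB1111111  11/2/2008"},
    {"host": "ws-022", "os": "Windows Server 2003",
     "hotfixes": "Security Update  kb00000001  10/1/2008"},  # longer id, not the patch
    {"host": "contractor-7", "os": "Windows Vista", "hotfixes": None},
    {"host": "lab-mac", "os": "Mac OS X", "hotfixes": None},
    {"host": "unknown-3", "os": None, "hotfixes": ""},
]

def evaluate(endpoints):
    """Map each host name to its admission action."""
    return {e["host"]: admission_decision(e)[0] for e in endpoints}

if __name__ == "__main__":
    for e in SAMPLE_ENDPOINTS:
        action, reason = admission_decision(e)
        print(f"{e['host']:<14}{action:<12}{reason}")
```

A plain substring test would admit ws-022, because the required id is a prefix of the longer one; an endpoint that reports nothing is quarantined rather than waved through.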