Former FBI Cyber Chief Sees Threat Outlook Getting Worse
Taddeo said, "Everywhere we look we find the Chinese and everyone else. So what's the answer if the bad guys are able to invade your network seemingly at will? In short, you make it so that once in your network, they can't do anything. "Use the principle of least privilege," Taddeo said. That means giving users access to only the network assets they actually need, and not to anything else.However, he said that it's also critical that once you design your network, you do an honest assessment. That requires that managers in different parts of the enterprise communicate with each other, and in the process, help with the assessment. Then, Taddeo said, "have someone else take a look at it." If I took one thing away from my conversation with Leo Taddeo, it is that at its best, security is a work in progress. Trying to create a fortified perimeter defense against the hackers is as pointless as it was for the French to build the Maginot Line in the 1930s. While those defenses may have been impenetrable, France was invaded anyway because the enemy simply went around those fortifications. Instead, the defenses need to exist in depth, and they need to be varied in their approach. That way, when the hackers figure out how to get past one defense, they will then run up against another one that's completely different. But those defenses must be a work in progress so they can adapt to the threat landscape as it changes. Otherwise, the attackers will simply find a way around them.
Limiting access means designing your network for micro-segmentation, which avoids putting unrelated assets on the same network segment. Taddeo said that while micro-segmentation makes administration more of a challenge, there are tools for administrators that can help with this, including products from his own company.