This statement might be bold but it is accurate. While current security solutions are more sophisticated than ever, and regulators all over the world mandate advanced protection and procedures, security breaches continue to happen.
Reading through any report, whether from government agencies, public security companies or private analysts, it is clear that the overall state of security is not enough. This unique situation is caused by several factors. Each of those factors is powerful by itself. Their combination is catastrophic:
The positive mass adoption of the connected world is creating an opportunity for attackers to penetrate deep and far into organizations' networks, including the most sophisticated and highly protected systems.
- The “Internet of things” creates a connected world where everyday objects like watches, smart TVs, medical equipment, smart meters and industrial equipment become a launch pad that allows an attack to penetrate a network.
- Consumerization of organizational IT equipment means that standard interfaces and protocols are being used to connect classified systems. Moreover, consumer equipment and components are being used everywhere.
- Knowledge and information sharing allows a small number of highly qualified individuals to share their knowledge and code. The knowledge of the few is shared very quickly via email, blogs and social media, typically protected by hard-to-decipher encryption.
- The relative success of “traditional” guerrilla attacks in various parts of the world has proved that asymmetric conflicts pay off. Attackers have the motivation, knowledge and ability to penetrate everywhere.
Size is a problem
Just like border protection, it is more difficult to protect a large network than a smaller one. With a national-level network, providing bullet-proof security is impossible. Using the travel industry as an example, it is clear that providing hermetic security at the borders is impossible. The number of TSA agents, magnetometers, X-ray scans and other measures used did not increase the overall level of security. There are still enough reports and evidence that such protection can be evaded.
Cost is prohibitive
The high level of complexity and the number of protected nodes create a budgetary challenge for every organization, private or government. There’s never enough budget to provide protection, especially as organizations need to improve and reduce cost in order to provide better services to their customers.
Technology is changing faster
The fast pace of change in technology gives the attacker an advantage. A single attacker is capable of innovating faster than the protecting organizations. Sometimes this is due to the policies and procedures of such organizations: it simply takes a lot of time to move on with a security project, even when the need was identified, the budget was allocated and the POC was completed. Another thing to remember is that a newly purchased security solution was developed over several months, with technology that was itself developed over some time, so overall even the newest solution in your arsenal is using technology that is older than your attacker’s.
The bottleneck of improved security measures
Using airport security as an example, it is easy to understand why increased security threats and measures influence productivity. The more security procedures TSA enforces, the longer the lines at the checkpoint. It is possible to add more agents, but then the number of X-ray machines should be increased as well. As a result, any improvement requires increased capital investment that is only temporary.
When it comes to national-level infrastructure protection, it is clear that any deployed measure would be insufficient. In order to fix the security problems, any solution should meet the following requirements:
- Meet current and future security challenges
- Meet current and future performance needs
- Meet the network size challenges: support Availability (the ability to respond fast and accurately, with the needed power) and Agility (reinforce defense when needed)
- Act fast during attacks and Advance as needed: promote security tools across the network as needed
It is clear that there is no single solution that can address all those needs. However, the solution can come from a different place: the network. Modern methods exist to combine, cascade and join multiple solutions so that they work in concert. Such solutions include network packet brokers, which are used to integrate multiple solutions together seamlessly. The result is a security solution made from multiple products, each addressing some risk factors and attack vectors, whose combination is very effective.