Vidder Blog

Security and the “All or Nothing” Paradox

Posted by Mark Hoover on May 21, 2018 4:33:57 PM

Mental inertia. That’s what it is. I have noticed that most professionals contributing to enterprise network security continue to operate under the following tenets which have shaped their behaviors for decades:

  • The corporate network is vastly important.
  • It is critical to secure all aspects of this vastly important resource.
  • Embedding security into the network is the most efficient way to achieve the desired level of security in this vastly important environment.

Three decades of adhering to these tenets have resulted in highly connected global company operations, but at a very high cost accompanied by rapidly diminishing security.


Topics: network security, Vidder, CISO, security, innovator’s dilemma

The CIO’s Inevitable Strategic Withdrawal

Posted by Mark Hoover on Apr 13, 2018 5:43:25 PM

The corporate network, once a great enabler of business productivity, is rapidly becoming an obstacle. This is leaving CIOs with no choice but to make a strategic withdrawal away from defending global and integrated corporate networks, towards more secure-able and relevant perimeters. There is no other way forward.


Topics: security, segmentation

Segmentation: Where to Begin?

Posted by Greg Ness on Feb 15, 2018 1:03:18 PM

A New Paper Suggests it’s Time to Think Differently about Segmentation

The perimeter protecting the network, once considered impregnable, has been degraded by advanced threats, an explosion in the number of connected devices (and apps running on them), and a new generation of predatory malware attacks.

Since the dawn of the networking era, enterprises built open (flat) networks to offer every user access to (almost) every application. Many of these networks are global, spanning business units and national boundaries with unprecedented connectivity. Amazing. Powerful. Everything and everyone is accessible.


Topics: segmentation, security

Predatory Malware is Rendering Massive Security Investments Irrelevant

Posted by Greg Ness on Sep 27, 2017 4:31:21 PM

Malware has evolved to evade traditional security defenses and move laterally looking for vulnerabilities. It may even force a generational shift in security.


Topics: security, cybersecurity, network access control, cyberattacks, predatory malware, secure enclaves

The Cloud is about to Crush the Hardware-based Security Industry

Posted by Greg Ness on May 1, 2017 9:09:52 AM

Last week Amazon announced another stellar quarter, with AWS again being the main headliner for the ecommerce high flyer. Yet I’m convinced AWS growth and profitability have even deeper implications for traditional hardware-bound network security vendors. Two weeks ago, I spoke with a CISO at a forward-thinking IT shop. It was one of the most encouraging and thought-provoking IT discussions I’ve had in a while. He said they were betting on the cloud to “transform” their security posture by enhancing security and scale and reducing costs and complexity.


Topics: security

SDP Is The New NAC

Posted by Junaid Islam on Nov 19, 2016 2:19:04 PM

Network World recently published an article on why Software Defined Perimeter (SDP) will replace network access control (NAC) products. To understand why this makes sense, it’s useful to look at the changes happening in the enterprise today.


Topics: security, software defined perimeter

Innovative Thinking Is Hurting Security; We Need Disruptive Ideas

Posted by Junaid Islam on Sep 8, 2016 2:16:27 AM

Security professionals by their nature are risk averse. Thus it’s no surprise that the security industry is defined by incremental innovation. Start with something that works and make it better. Unfortunately, the “innovative security” strategy is leading to an increase in cyber security failures.


Topics: security

Stop Catastrophic Cyber Failure: Step #2-- Align Security Controls to Reduce Risk

Posted by Junaid Islam on Apr 24, 2016 11:48:52 PM

In part three of the “Threat Based Security Model” series, we’ll create policies based on our risks and then align our security controls to them.

The first blog post introduced the adaptive cyber threat (ACT) model as an alternative to the current compliance-driven security strategy. ACT is a recursive model that starts with identifying and assessing threats, creating policies to mitigate risk, aligning security controls to support policies and then checking what gaps are left (which are then identified as risks). The ensuing post focused on cyber threat assessment being the first step in ACT. This post addresses policy creation for risk mitigation.


Topics: security

About Vidder

Vidder is changing how modern day enterprises approach security in an increasingly untrusted IT landscape. PrecisionAccess™ enables secure, trusted access to critical business applications in today’s perimeterless enterprise. With PrecisionAccess, enterprises can continue to evolve their business ecosystem through major IT trends like cloud migration and outsourcing with assurance that their most valuable applications are safe.
