There are plenty of interesting parallels here for today’s information security practitioners. The initial era of cyber security was ushered in by attention seeking “hackers,” denial of service attacks and large-scale viruses. In response, security vendors developed products such as firewalls, intrusion detection/prevention systems and signature-based anti-virus. These have now become the static and reactive boundary-style measures of IT security. And they are no longer adequate.
There are two key trends driving the need for us to reevaluate our cyber security stance. The first is the growing sophistication of attacks that simply end-run these passive controls. The second is the cost-saving demands of moving sensitive information out from behind static digital walls, and into shared services such as cloud computing. The key to your future as an effective IT security practitioner will be your ability to identify and implement the appropriate mix of static and new, proactive tools to effectively deal with the changes in threat and vulnerability landscape.
If that’s too difficult, you could always try building a taller fence or a thicker wall.