Published August 2019
Sponsored by Agari, Carbon Black, GoSecure, KnowBe4, MDaemon, Proofpoint, SlashNext, Trend Micro, Trustwave and Zix
Executive Summary
The “network perimeter” today is almost non-existent. Almost all organizations operate a large and growing number of cloud services for mission-critical and non-mission-critical purposes, sometimes just at a departmental level (one source estimates that there are nearly 1,200 cloud services in use in the typical large enterprise and that the vast majority of these are not “enterprise-ready”). Mobile devices – many employee-owned – are regularly used to access corporate data resources and sensitive data assets. These devices typically contain a large number of apps, many of which can be exploited to steal login credentials and other sensitive information. IoT devices are now commonplace and the number of these devices in the workplace is skyrocketing, employees continue to use conventional endpoint devices like desktop and laptop computers, and the “Bring Your Own” trend has expanded from personally-owned and managed devices (BYOD) to personally-owned and managed cloud, mobile and desktop/laptop applications of many types.
In short, the network in most organizations has a dramatically expanded attack surface. There is no longer a defensible perimeter that can fully protect corporate data, and so new approaches, technologies and practices are needed to protect corporate data and finances.