Jericho Forum brings its deperimeterization concept to U.S.

Perimeter security has become obsolete, requiring a shift to a new model of "deperimeterization," Paul Simmonds, CISO of U.K.-based ICI, said in a keynote that kicked off the Black Hat Briefings Wednesday in Las Vegas.

The old hard-shell model of security isn't sustainable in light of the need for businesses to open up their networks to partners, consultants and clients, said Simmonds, one of the founders of the Jericho Forum, a European group of enterprise security chiefs promoting the concept of deperimeterization.

"We've lost the war on good security," he said to a hall packed with hundreds of security professionals gathered for the two-day Black Hat Briefings. The conference attracted more than 1,800 attendees.

Ultimately, companies need to focus on protecting the data rather than the border, he said.

"What we're trying to protect is the data on the machines. It's the data that has value," Simmonds said.

While deperimeterization doesn't mean discarding the firewall, it does mean accepting that most exploits will transit the perimeter and implementing some web services.

"Deperimeterization is a set of solutions ...It is defense in depth, it has to be open, interoperable, and OS agnostic," Simmonds said.




Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.