

Data Protection

When it Comes to Business Defense, Simplicity is the Watchword

Enterprises Must go Beyond the Perimeter and Worry About the Surface Area that is Open for Attack and the Challenge of Detecting Attacks Quickly


Cyber security, fraud prevention, compliance with regulations, and anti-money laundering measures are all facets of business defense. A failure in any one of these could leave a company facing significant fines, reputational damage and extensive forensic and remediation costs. For financial services firms, this could mean a ten-year hangover in terms of Operational Risk Capital. The challenges are many and the solutions are not simple.

Yet, simplicity is key to business defense. Complexity, in terms of the number of distinct systems, processes, data repositories, vendor relationships and other variables, creates opportunities for exploitation. Simplicity is also key in the new layered defense mode – where the outer layers reduce the likelihood of a successful exploit, and the inner layers find the exploits that evade your other controls.

We’ve heard many times about defense of the perimeter–the idea that we need to keep bad people out of systems. But the perimeter is not the only consideration. You must also consider surface area and topology.

Your company’s surface area increases with every device and application that you support – especially if they are all connected. Cyber attacks on corporate systems have come from systems as varied as third party suppliers and Point-of-Sale systems, although they are more likely to come from an infected email or a corrupted website.

Your security processes become strained by the number of devices and systems. Make sure one thousand PCs are patched; how about ten thousand? Deal with dozens of BYOD device types; how about hundreds? What about adding a new development environment or language to the existing one, when each has different vulnerabilities and requires different processes to secure it?

Complexity also makes it harder to spot anomalies in the system. It’s one of the reasons why break-out fraud and money laundering use hundreds of accounts and transactions. Criminals do their best to hide their activities in plain sight, mimicking normal behaviors at the micro level. It’s only at the macro level that the fraudulent patterns emerge. The more systems and processes you have, the harder it is to get that macro view, not to mention the more costly and time consuming.

Complexity hampers your controls in another way as well. If your control specialists (AML investigators, fraud investigators, and cyber security experts) spend their time acquiring data from different systems or switching between systems to do their jobs, they are less effective. A standard response is to dedicate resources to a specific business line or even to specific systems. Unfortunately, this creates silos of information that hamper detection at the macro level. The push for convergence cites the elimination of information silos and an increase in investigator productivity as driving forces.


So are you damned if you do and damned if you don’t? Not really – just follow Albert Einstein’s guidance, “Everything should be as simple as it can be, but not simpler.” Constantly look for ways to simplify your environment, including infrastructure, applications and business processes – then work to keep those systems secure. When constructing business cases, include the benefits of reduced risk and lower potential capital costs as part of your business rationale. From a personnel perspective, reward the people that simplify on par with those delivering the latest functionality.

In today’s hyper-connected world it’s not sufficient to worry only about the perimeter. We have to assume that fraudsters and criminals will evade some of our defenses. Therefore, we have to worry about the surface area that is open for attack and the challenge of detecting attacks quickly when they are occurring. In every instance simplification will help.
