The Futility of Firewalls

May 15, 2022

You’ve been with her for ten years. Trips to the beach and making a mess while enjoying every moment, depressing runs to the grocery store because you forgot to buy bread, making it late to your friend’s cookout. You’ve traveled great distances with her, and while not everyone appreciates or likes her, she’s your car. Unfortunately, it’s time to move on because you can hear the engine starting to scream every time you insert the key in the ignition.

You travel to the dealership and take the free coffee provided. Since you don’t know much about cars, you tell the salesperson that you want your car in “blue.”

That’s correct, and the new car will be “blue.”

Sounds ridiculous, right? This is similar to asking clients what they want in a cybersecurity program and having them reply “a firewall.” Yes, a firewall is essential. But if that’s all you want, you’ll miss all the other mechanisms that make your program go, just like “blue” can’t drive your car.

The title of this article may be a little misleading: firewalls themselves aren’t futile. What puts these perimeter security devices in a failing category is the assumption that having a firewall is all you need to ensure your organization is secure. Even adding anti-virus and DNS filtering will not make a case for sleeping comfortably at night.

A firewall for any growing organization is the first step of many. A few organization leaders reading this may sigh in frustration, thinking that this is a long journey ahead, and budget and time are against them.

But if you want to succeed at keeping your company safe, I’d encourage you to get out of the “blue car” mentality and start thinking of your digital assets as your company’s castle, a place where your livelihood is stored and defended.

Essential Items in Your Castle

When you buy a home or rent an apartment, you are looking for a structure that allows you to weather the rain, snow, cold, and heat. What comes standard with most of these domiciles is at least a front door. The front door is often overlooked or taken for granted, but it’s vital as the piece of your home that lets things in and out when you want them.

Door to your house = Firewall

We need a lock on the doorknob. How about a deadbolt, an alarm system, maybe locks on your windows, a security camera that activates when someone approaches? Perhaps you’re reading this and find all these items a little much? A door is good enough to protect your home. There is no need for all the extra security precautions in this perfect world. We never hear anything on the news about home invasions or office break-ins. End sarcastic tone here.

The question is, why do we assume the firewall can stop everything? This fantastic defensive device seems to encourage a false sense of security in many leaders and key figures in organizations. Along with that false sense comes the futility of trying to defend the data of an organization, which makes up your identity and value. This is your home away from home. This is your car, not just blue, but also with tires, an engine, door locks, an alarm system, and more. Let’s see what else we need to make it safe from intrusion:

  • Endpoint Detection and Response (EDR): Something that checks all the rooms in the house to make sure there isn’t something lurking. It alerts you and mounts a defense for you in the house. Managed Detection and Response (MDR) means you’re using a 24/7 Security Operations Center to handle this for you.
  • Security Information and Event Management (SIEM): The motion-activated camera at the door. There are versions of this inside the house too.
  • Internal/External Vulnerability Scanning: Checks the windows to ensure there aren’t cracks. Checks the roof to make sure we aren’t missing shingles or have holes. The list goes on.
  • Anti-Virus: A guard dog that stops dangerous animals of the same size or smaller from entering. It can’t handle bigger animals and shouldn’t be used except for snuggle time while watching TV.
  • DNS Filtering: This is mom when you’re a kid saying that you’re going to the movies, but she double checks with your friend’s mom and grounds you from sneaking off to a party with the older kids doing bad things.
  • Data Loss Prevention (DLP): Correctly labels everything in the pantry, so you don’t get the tuna mixed up with the cat food for tonight’s casserole that you’re bringing to your neighbor. The DLP analogy applies to backups and failovers, like spare batteries in the drawer for the remote.
  • Encryption in Transit, Encryption at Rest: Putting your money in a safe, and you are the only one with the code, and/or sending that safe in a box through FedEx to its destination.
  • Multi-Factor Authentication: Having the key to the door and using your fingerprint or another code to enter.

The list goes on but isn’t endless. These vital components are necessary to operate and conduct business securely.

A CIO recently told me:

“You can’t have cybersecurity without infrastructure. That’s your castle.”

My response:

“Why build a castle if you can’t defend it?”

Nick McCourt is a vCISO and Cybersecurity Engineer for Integris.
