
How to Thwart Cyber Attacks with Novel Approaches

Tom Badders

Senior Product Manager at Telos Corporation

With ever more sophisticated cyber threats emerging in an increasingly virtual workplace, it’s important to tackle cybersecurity with novel approaches rather than just using foundational frameworks or VPNs.

Quartz Network Executive Correspondent Britt Erler sat down with Tom Badders, Senior Product Manager at Telos Corporation, to discuss the latest trends in network security, including Zero Trust and SASE.

Tom offers insight into:

  • The level of sophistication needed to combat today’s cyber threats
  • The origins and best use cases of Zero Trust and SASE frameworks
  • Novel approaches to take with cybersecurity that accommodate remote workforces

Quartz Network: Can you share a bit of background about your role in your current company?

Tom Badders: I’ve been with Telos for a long time, about 45 years now. I’ve done a lot of different things over the years, starting off just carrying a toolkit and installing minicomputers. But I’ve worked in a lot of secure network environments, rolling out secure wireless LAN, primarily for the military, at bases around the world. For the past few years, I’ve focused as a product manager on a cybersecurity product that we believe is needed in various critical resources, but is expanding to more of an enterprise platform because of the expanding needs of cybersecurity and the issues around that.

Quartz Network: With the switch to virtual for so many companies, what cybersecurity approaches are best under those circumstances?

Tom Badders: Everybody knows that cyber-attacks are occurring at an ever-increasing pace. The level of sophistication of those attacks is also increasing, inflicting damage on people, their devices, their organization, network resources, and so on. Typical approaches to inhibit these types of attacks haven’t really resulted in the level of protection that’s needed against this level of sophistication.

The expanded use of cloud computing, paired with the significant increase in remote workers, has really exacerbated the problem. The public internet has really become the new corporate enterprise network. The problem with that, though, is that the internet was never designed for security. So there’s a need for some novel approaches to eliminate the risks of operating on the public internet.

There’s a need to make users, their devices and network resources really invisible on the public internet, so that cyber adversaries can’t even see that they exist. So that’s really what the approach needs to be.

Some of the typical ways that technology has been used to protect against cyber-attacks and to protect the privacy and security of people and information range from VPNs to firewalls, and so on. And at one time, those were very good implementations from a security perspective. In the early days of the internet, people realized they could use the internet to communicate with one another without having to run a cable between companies and so on. They started doing that until it became a problem.

Then the VPN was born. Point-to-point VPNs helped solve some of that problem. Firewalls started being implemented at the edge of the enterprise, closing specific ports so that people couldn’t get in unless they were authorized. And those worked for a time also. But as we all know, cyber adversaries find ways around those things. Now, that’s not saying they’re not good technologies. They are good technologies, but they need to be expanded. New technologies need to be integrated and put together in an approach that allows people to communicate and live and do business with the level of privacy that they need.

Quartz Network: What are your thoughts on hot trends such as Zero Trust and SASE?

Tom Badders: They’re very good technologies also. The whole Zero Trust concept came about quite a while ago, back in 2010. Forrester came up with this concept of Zero Trust, whereby the organization shouldn’t trust anybody, shouldn’t trust any device, shouldn’t trust any application, until they were vetted onto the network. And that led into microsegmentation of back-end networks and so on.

It’s kind of a complex capability to implement, and it’s taken a long time. It really started from a conceptual stage around 2010, and it’s only in the past few years that organizations have gotten around to understanding what Zero Trust is all about and using various technologies to make it a reality.

But there are still a lot of issues around that from a complexity perspective, because it really has to be deployed depending on the organization’s specific needs. So there’s a lot of learning still going on with that.

Regarding SASE, or Secure Access Service Edge, that was something whose foundational capability came about from Gartner resources. If you look at the SASE foundational, or functional, architecture, you’ll see there are many technologies that have evolved over the years, from software-defined perimeters, firewalls, cloud access security brokers, and so on, all kind of rolled up into this SASE framework.

So the goal there is to build out some of those long-standing, and somewhat proven, technologies into a larger framework, which also leads to complexity. Folks are having a difficult time figuring out which pieces to use and how they can best be used together in order to meet the security needs of their specific organization.

Those are just some of the leading-edge concepts. A lot of people call them technologies, but they’re really not technologies; they’re concepts. They’re foundational frameworks for ways to approach cybersecurity, depending on your specific needs.

Where we need to go is to some novel approaches. There are some great technologies that have been developed over the years that can be integrated together to provide levels of security that VPNs and software-defined perimeters can’t provide alone. Identity-based, contextual access in Zero Trust networks really just works around the perimeter of the network. So historically, cybersecurity companies have approached the security of networks at the four walls of the enterprise.

Then, of course, there are endpoint protection devices, too. So there’s protection at the endpoint for malware detection and so on. There’s protection around the four walls of an enterprise. But like we said before, with the massive moves to the cloud and the significant increase in remote workers, there are more network edges now, and it’s becoming harder and harder to manage all of those edges.

Add an organization’s premises-based facility, or whether it’s in multi-cloud facilities, and you have all of these endpoints trying to get to all of these edges. It’s making the whole foundational architecture very complex.

So novel approaches need to include proven technologies, like VPN, for example, that devise various network pathways through a private internet, so that you eliminate as many attack surfaces as you possibly can. The whole goal is that if everyone is using the public internet, well, hey, guys, that’s where cyber adversaries operate. That’s their gold mine. That’s where they live.

They’re out there all the time, looking at the public internet, looking at activity, and figuring out ways in. You need to devise an architecture that privatizes the public internet for your specific organization’s use, that will hide those cyber-attack surfaces so that they can’t even be seen.

There are technologies such as virtual network obfuscation. It’s all about varying network pathways through a virtual network of nodes that are hosted in AWS, Azure, or Google facilities, that can connect these various nodes together, and that can eliminate source and destination IP addresses between those nodes so that there’s no way for a cyber adversary to track back to the user, their organization or their device.

It’s all about making sure that whoever is using the public internet to perform any function, whether it’s a personal function, an organizational function, a military function or an intelligence function, that who they are, their device, and their organization can’t even be seen by a cyber adversary. There’s some work going on there.

As a product manager for Telos, I’ve been working on some capabilities along that route, using them for intelligence purposes and Department of Defense and military purposes, but more and more, those same types of capabilities need to be moved to the commercial marketplace.

So what about the privacy of K through 12 students, especially now that they’re not in school? They’re not tied to a corporate school network. They’re accessing everything through the internet. What about cyberbullying of students? What about the privacy of their activities out on the public web when they’re doing research for their projects? What about things like IoT? What about things like cameras?

There was a notice that recently came out that a company’s video management system was hacked. People could see video transmissions from video surveillance cameras, they could manipulate the cameras, and they could manipulate the data. What’s worse than all that is it gave them access to the management system itself, which is tied to the back-end network.

Applications that have been using the public internet successfully for quite some time, but are more and more at risk, need to have this level of security, by integrating these types of virtual obfuscation methods for cybersecurity into them. That’s the kind of thing I believe in, from the research I’ve done and the direction that we’re trying to take specific technologies. We need to make sure that we’re one step ahead of the cyber adversaries. But unfortunately, we’re behind right now.

So the new architectures are great, and the new technologies that are coming out are great. There are some awesome companies out there that are implementing Zero Trust and are implementing SASE and are trying to do everything possible. But we have to look deeper. Zero Trust protects the enterprise and sets up micro segments within the enterprise to allow whoever is authorized to access those things in the enterprise. Then there are mobile threat detection capabilities for the device. But what about in between? We need to focus on the in between. We need to focus on the internet itself. And that’s where virtual obfuscation and privatizing the public internet come into play.
