The United States Federal Bureau of Information opened its Internet Crime Complaint Center, IC3, in 2000. Over the next 17 years, the center received an average of 235,000 reports a year. Between 2017 and 2020, the number grew steadily from approximately 300,000 a year to 470,000. Then came the onslaught.
2020 saw 791,790 incidents reported across the U.S. This rise of 69% was caused by the breaking of the secure network perimeter as white-collar workers relocated their offices to their homes. The upwards trend continued in 2021, with 847,376 crimes costing companies and individuals a total of $6.9 billion that year.
These figures are mirrored across the world, with global cybercrime damages estimated to be $6 trillion this year.
While the pandemic lockdowns are, for now at least, a thing of the past, cloud adoption and remote working have spring-boarded off the pandemic to permanently change the way the world does business. In this new world, data is the lifeblood of business and the threat landscape is a fluid, ever-changing place with no fixed boundary.
This is a big problem for network security, which used to rely on fixed firewall perimeters for protection.
“We believe that in this data era, the security transformation must accompany digital transformation,” said Mahesh Nagarathnam (pictured), networking product management consultant at Dell Technologies Inc.
Nagarathnam spoke with theCUBE industry analyst Dave Vellante at the “A Blueprint for Trusted Infrastructure: Episode 2” event during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the challenges of securing the network in a dispersed computing environment. (* Disclosure below.)
A new framework is required to secure modern network infrastructure
The biggest challenge facing network security is how to build network infrastructure for the modern era that is intelligent, automated, and enables maximum flexibility and business agility without any compromise to security levels, Nagarathnam told theCUBE.
“In today’s data-driven world, IT operates everywhere and data is created and accessed everywhere,” he said. “Cybersecurity needs to span across all the devices and run across any application, whether the application resides on the cloud or anywhere else in the infrastructure.”
The security framework has evolved to meet this challenge, and the adoption of zero-trust security with its mantra of “never trust, always verify” is on the rise. According to recent research, 55% of organizations have a zero-trust initiative in place, with a further 42% planning to implement one in the next 12 to 18 months.
Zero trust expands to the idea of creating cyber resiliency within a company. From a networking perspective, this is the ability to protect from and withstand attacks on networking systems, according to Nagarathnam. As network security evolves, cyber resiliency will extend into networking systems that can adapt and recover from attacks.
Network security revolves around access control, software integrity and vulnerability response
The Dell “Blueprint for Trusted Infrastructure” builds on the zero-trust framework to create cyber resiliency across all parts of an organization’s infrastructure. This includes storage, servers, hyperconverged infrastructure and networking components.
“When you are looking at securing the network infrastructure, it revolves around the core security capability of the devices that form the network. These are access control, software integrity and vulnerability response,” Nagarathnam said.
Access control follows the key tenets of zero trust, “ensuring that only the authenticated users are able to access the platform and they’re able to access only the kind of the assets that they’re authorized to, based on their user level,” he added.
Software integrity is about assurance validation, making sure the software running on the system has not been compromised. This has two facets: ensuring the platform is not compromised and that any updates and upgrades are signature validated.
Vulnerability response refers to the identification and report of any vulnerabilities with a response, such as patching, performed in a standardized manner following the companywide security framework.
An in-depth description of Dell’s network infrastructure security
Secure network infrastructure is a core aspect of Dell Trusted Infrastructure, providing the interconnect between the servers and the storage world, according to Nagarathnam.
“It’s part of any data center configuration for a trusted infrastructure,” he stated.
Going in-depth into the specific features through which Dell secures the network and builds its trusted infrastructure, Nagarathnam discusses secure logging, network configuration, isolation and micro-segmentation, open networking standards, role-based access control and remote authorization, routing protocols, application trust, data trust, smart fabric services and other components that together create Dell’s zero-trust network infrastructure. This trusted infrastructure then provides a modern, cyber-resilient foundation for organizations undergoing security transformation.
“From a Dell networking security perspectiv,e there are multiple layers of defense both at the edge and in the network, in the hardware and in the software, and a set of rules and a configuration that’s designed to protect the integrity, confidentiality and accessibility of the network assets,” Nagarathnam said.
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the “A Blueprint for Trusted Infrastructure: Episode 2” event:
And, you can watch the entire event here:
(* Disclosure: TheCUBE is a paid media partner for the “A Blueprint for Trusted Infrastructure: Episode 2” event. Neither Dell Technologies Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)