Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Leadership and ManagementCybersecurity News

Has Cybersecurity Become the Definition of Insanity?

After years of breaches, stolen data, CIO/CISO resignations and huge impacts to business reputation, it’s time for the industry to rethink its approach to network security.

By Paul German
cyber insane
December 6, 2018

It shouldn’t take a data breach to make an organization realize that it’s time for a new approach. The IT industry has seen new technologies, a whole host of cybersecurity mistakes and watched countless organizations publicly apologize to its customers for stolen data. Yet, the industry still hasn’t changed the way it thinks about cybersecurity. The current thinking around cybersecurity falls into the definition of insanity, with many organizations doing the same thing over and over again, expecting different results, still being shocked when their company is the latest to hit the hacking headlines.

What the state of the industry shows us is that the current security model is broken. To overcome the complexities, organizations need to adopt an entirely new mindset when it comes to network security, and instead focus on the data.

 

The Industry Has Failed

This won’t come as a surprise to many. By overcomplicating network security for far too long, the industry has been left behind, trying the same methodologies over and over again and failing to make the changes required to keep critical and sensitive data safe.

We’ve all learned the lessons from the high profile data breaches that have formed the topic of huge debates over the last few years. OPM and Target were not only two massive breaches, but were clear signs that current attempts to secure corporate networks were – and are – just not enough. Quite simply, this is because organizations are trying to protect something they no longer own. For the last 15 years, security thinking has focused on the network. The premise being that it’s the network that is insecure, so by building up our network defenses, we can also protect the data that runs over it.

However, we don’t always own the networks over which our data runs, so therefore focusing on this aspect is leaving many other doors wide open. The corporate network used to remain in the data center, but in the digital economy present today, the corporate network spans over corporate locations worldwide, including data centres, private clouds and public clouds. This data is not just distributed to employees, but to third parties whose devices and policies cannot be easily controlled. Add legacy security measures into the mix which simply weren’t constructed to address the complexity and diversity of today’s corporate network, and it’s clear why this is not enough.

It’s time to make a change: the industry needs to take a step in the right direction and put data at the forefront of security.

 

Start with a Security Overlay

In an effort to keep their data and infrastructure secure, organizations have adopted an approach of layering technology on top of technology. However, the technology stack itself has become far too complicated, and the number of resources, operational overhead and cost needed to manage it have only contributed to the failing security mindset.

However, the change that needs to be made is simple. Organizations must start with a security overlay that covers the networks, independent of the infrastructure, rather than building the security strategy around the infrastructure. From a data security perspective, the network must become irrelevant, and with this flows a natural simplicity in approach.

As well as enabling organizations to better secure their data, this approach also has economic and commercial benefits. Taking intelligence out of the network allows it to focus on the core task of managing traffic, saving money and resources that can better be invested in a true security model with data protection at its centre.

 

A New Era of Cybersecurity

To begin this mindset change, organizations need to start thinking about security as an overlay on top of existing infrastructure. They also need to introduce a software-defined approach to data security, enabling a centralized orchestration of security policy. This centralized orchestration enforces capabilities such as software-defined application access control, cryptographic segmentation, data-in-motion privacy and a software-defined perimeter, and means that data is completely protected on its journey across any network, while hackers are restricted from moving laterally across the network once a breach has occurred. To further protect the network, organizations can also adopt innovative approaches such as Layer 4 encryption which renders the data itself useless, and therefore worthless to hackers, without impacting the operational visibility of the enterprise network and data flows.

There is no longer room for over-complicated network security. Put simply, the industry has no chance of progression if it continues to try the same methods over and over again, without making any changes and adapting to the new cybersecurity threat landscape. It’s time for organizations to dumb it down and adopt a simple software-defined overlay approach to security.

 

KEYWORDS: cybersecurity careers data breach security leaders security risk management

Share This Story

Paul German, CEO of Certes Networks, is an experienced sales focused CEO with more than 20 years of experience in selling, marketing, implementing and supporting networking and security technologies. German joined Certes in January 2015 where he initially led the EMEA region growing revenues 50% and establishing key relationships selling into multiple vertical markets, on which further success will be scaled.

Blog Topics

Security Blog

On the Track of OSAC

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Red laptop

Cybersecurity leaders discuss Oracle’s second recent hack

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing