Hundreds of billions of dollars are spent annually for layer upon layer of active defenses, yet not a day goes by without new headlines and personal experiences of successful attacks that continue to multiply.
We need the Internet. But the Internet and telecommunications networks are insecure and NOT PRIVATE. #
- No device, data or digital asset of value is safe from criminals and hackers
- Authoritarian governments and hostile state actors around the world can spy upon and sabotage companies and organizations, infrastructure and individuals with unprecedented ease and efficiency
- Defending against this threat matrix has become too complex and costly for average users and SMBs, so they just give up
How Did We Get Here? #
This didn’t just happen by accident. There are root causes for the current state of affairs.
Centralized servers, with human access and control #
The “Cloud” infrastructure that you rely on today – and the security solutions that attempt to defend it – all rely upon:
- Centralized servers
- Centralized Certificate Authorities
These servers, certificates and people can all be compromised. Or no need to bother since certificates can be purchased on the Dark Web!
Visible for study and attack #
With Internet Protocol, network addresses and traffic are visible, and connections are insecure by default. So the Bad Guys always have the advantage.
Data is Vulnerable #
Because:
- it is either not encrypted or someone else has the access to and control of the keys; and
- encryption UX is too complex and painful so it is rarely used
The Costs of Insecurity Are High and Growing #
- Remote distributed workforce with BYODHas made traditional defences like VPNs irrelevant
- Everything is Getting ConnectedIt is no longer just your data at risk
- Al is expanding both the sophistication and breadth of attacksExponentially lowering the costs and increasing the power of decentralized attacks
Most Average User and SMBs are Basically Defenseless #
Because they lack an understanding of the threat and existing tools are too complex and expensive
VPNs Are Simply Not Sufficient #
It’s not that they are bad. They just do not address the actual root causes of the problem and suffer from the same 3 foundational vulnerabilities.
- Centralized servers with human access
- Castle and Moat architecture
- Visible for study and attack
And they still integrate and rely upon the rest of Web infrastructure – and its vulnerabilities.
SDNs / ZTNA Are Too Complex and Expensive – and Still Vulnerable #
Still Have Centralized Control and VulnerabilitiesComplex and Hard for End Users and ITExpensive Enterprise Solutions & Support
So SMBs avoid them entirely or use them only for selective, high risk users – leaving the rest of their networking unprotected or on VPNs.
Neither Protect Our Critical Smart and Dumb Devices #
Because they lack:
- sufficient resources for encryption; and/or
- programmable interfaces to connect to encrypted networks.
So organizations rely upon firewalls and other tools to try to block the gateways to them. But so long as they are on the Internet, they are vulnerable.
Neither Protect Your Data #
- VPNs and SDNs / ZTNA only protect data in transit.
- Centralized admininistration and access
- Don’t scale, rigid and brittle
- Complex and Hard for End Users and IT
So your data just lies around on endpoint devices and cloud servers waiting for the next hack.
“Just Trust Us” #
Today, you always have to trust the Privacy Policies and ability of Web platforms, application providers – including VPN companies, service providers and your own staff – to defend their platforms and infrastructure from outside and inside attacks. But they can always be compromised easily.