For the better part of the 90s and early aughts, the sysadmin handbook said, “Filter your incoming traffic, not everyone is nice out there” (later coined by Gandalf as “You shall not pass”). So CIOs started to supercharge their network fences with every appliance they could get to protect against inbound (aka INGRESS) traffic.
In the wake of the first mass phishing campaigns in the early 2010s, it became increasingly obvious that someone had to deal with the employees and, more specifically, their stunning capacity to click on every link they received. Outbound traffic filtering (aka EGRESS) became an obsession. Browser security, proxies, and other glorified antiviruses became the must-haves every consulting firm would advise their clients to get their hands on ASAP.
The risk was real, and the response was fairly appropriate, but it also contributed to the famous “super soldier” stance. I’m alone against an army? So be it, I’ll dig a trench, bury my assets inside, behind heaps of software, and become a super soldier to hold my ground.
But the “ground” was a moving target. SaaS, shadow IT, public cloud, temporary workloads, and work-from-home broke those walls. The once very clear perimeter became increasingly blurry, and so did the concepts of “inside” and “outside”. The super soldier couldn’t defend all areas simultaneously. He was also facing a growing army of well-trained and heavily funded cyber criminals. Superman could no longer be everywhere at the same time.
And then, in the late 2010s and early 2020s, came ransomware: a terribly clever way of monetizing technical debt at the highest possible price. The same old hacking techniques, thanks to the rise of cryptocurrency, were now worth platinum. Our super soldier was, all of a sudden, very alone and … quite useless.