Data centers aren't easy to secure, which makes them big targets for hackers. And it's challenging for defenders to keep abreast of near-constant changes in applications and data.
Defending the perimeter of the data center has been a major focus for information security teams. That's important, but keeping track of what's going on inside is also key, says Nathaniel Gleicher, a former U.S. government official who is now head of cybersecurity strategy at Illumio.
In an interview with Information Security Media Group, Gleicher says the best advice comes from Rob Joyce, who is head of the National Security Agency's Tailored Access Operations unit, which specializes in infiltrating networks. Joyce spoke at the Usenix Enigma computer security conference in January. "Sophisticated attackers know the data center, know their target network better than the defenders," Gleicher says. "If the attacker knows your network better than you do, you are already on your back foot and in a very, very difficult position."
Data center administrators have an advantage, though. They control the turf, and there are lessons that can surprisingly be taken from physical security, Gleicher says. A key first step is knowing the data center well and where the most sensitive information is located. Gleicher says no one would try to protect a physical space without a map, yet few organizations have a clear map of what's inside their data center.
"You would never try to defend something you couldn't see, and yet that's generally what we do in the context of cybersecurity," Gleicher says.
In this interview (see audio player below photo), Gleicher also discusses:
Why defending the inside of the data center is just as important as defending the perimeter; Why it's important to understand what's going on inside the data center, creating order from chaos; The importance of segmentation, which can block hackers from moving around if they get inside.Gleicher is head cybersecurity strategy at Illumio, which specializes in securing data centers and cloud computing applications. Previously, Gleicher was director for cybersecurity strategy on the National Security Council at the White House. The attorney also formerly served as a federal cybercrime prosecutor with the U.S. Department of Justice.