The modern-day Internet is too vulnerable for sensitive traffic. It's time for a new one.

Philip Celestini, Chief Security and Risk Officer, Syniverse

January 21, 2018

4 Min Read
Breaking the Habit of Unsecured Internet Connectivity

It's time to acknowledge that whenever we connect any device to the Internet, we put ourselves, our device and perhaps even our entire organization in harm's way.

High-profile cyber attacks are now a permanent feature of today's IT landscape. Their volume and variety are such that any connected device -- whether laptop, tablet, smartphone, sensor, home system or connected car -- is potentially vulnerable to malicious activity.

One of the root causes of this problem is that the public Internet that every company uses is fundamentally unsecured. It was never designed to be a completely authenticated and secure environment, and every effort to make it one has been, at best, an adaptation. As a result, from a security perspective, it's now more of a best-effort network than a best-in-class one.

For this reason and others, we've reached a point where we need a new model for network connectivity -- one where we must break the habit of relying on the unsecured Internet.

New IoT opportunities – and threats
In particular, the arrival of the Internet of Things (IoT), and with it the proliferation of devices able to collect, send and receive massive amounts of data, presents a systemic risk for companies that want to incorporate the IoT into their operations. The continual streams of data between connected devices, sensors and cloud environments depend on secure connectivity to deliver the efficiencies, cost savings and innovative business models that the IoT promises.

Businesses are eager to explore these new opportunities. At the same time, however, they face frequent and sophisticated cyber attacks through the public Internet. While the IoT opens a range of new opportunities, it also exponentially expands the attack surface for hackers.

For the IoT to be practical, companies must face the reality that the public Internet is unable to provide the level of secure global connectivity necessary for today and the future.

The public Internet's risk-reward conundrum
So why then do companies continue to risk using an inherently unsecured network to transport sensitive traffic?

On the one hand, it's familiarity and habit. On the other, a lack of practical alternatives.

In today's digital world, companies that want to do business must use the public Internet. They have to use it to give them the access and reach to communicate and exchange information with customers. The public Internet's capabilities are also essential for companies to access applications, storage systems and other resources that are increasingly cloud-based.

Use of the public Internet has always posed a risk-reward conundrum. Companies that use it for sensitive transactions, or storing critical data, are taking a calculated risk. Yet commercial necessity alone has been perceived as enough to outweigh the immediate hazards.

Secure connectivity – up to a point
Of course, companies and organizations aren't completely helpless. They can apply security measures to connected devices and other end points, as well as their own network gateways. They can also encrypt their data while it's in transit.

However, these measures only mitigate the risk of data theft or malicious attack to a certain point. The lack of an alternative secure transport option prevents companies from further reducing and controlling the risks that their data faces once it leaves their network, or once their device connects to the public Internet.

But it doesn't have to be like this. Over the last few years, the advent of private, isolated IP networks means that companies and communication service providers can now break this habit and make the switch to a more purpose-built method of secure data transport.

New breed of network
A private, isolated network reduces the risk of attack or theft without compromising performance. This network can be utilized to minimize business risk by providing a high level of security from public Internet threats; global but flexible connectivity; and better performance with higher capacity, higher speed and lower latency.

Most importantly, by isolating connectivity from the public Internet and conducting operations in a private environment, this network allows companies to move out of the danger zone. They can shield their users, devices and data from malicious threats that proliferate across the Internet through vulnerable end points and connections.

Breaking the habit for good
The rapid growth of IoT devices and applications is opening the next era in connectivity -- and vulnerability. As businesses seize the opportunities of this new age, they risk leaving their commercial data exposed to a public Internet never intended for that purpose.

Ultimately, companies that want to conduct business and transfer data with certainty, security and privacy must break their habit of relying on the unsecured Internet. They must adopt a new network connectivity model with the use of private, isolated networks to protect and authenticate their data.

— Philip Celestini, Chief Security and Risk Officer, Syniverse

Read more about:

EuropeAsia

About the Author(s)

Philip Celestini

Chief Security and Risk Officer, Syniverse

Phil Celestini is Chief Security and Risk Officer at Syniverse. In this role, he leads security and risk management across the company, including adopting new technologies and building industry awareness of critical threats and opportunities arising from such areas as the Internet of Things and 5G. Phil's career spans more than 35 years across government, law enforcement and the military: from 1992 to 2018, he served as Special Agent in the US Federal Bureau of Investigation (FBI), where he was most recently Special Agent in Charge in Washington, D.C., and also served as the FBI's senior representative to the National Security Agency and US Cyber Command. Previously, Phil served as an intelligence operations officer in the US Air Force. He received his bachelor's degree from the U.S. Air Force Academy and holds a master's degree in public safety leadership.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like