MAY 4, 2010

Replacing Network Security "Voodoo" With Measurable Science

We are all aware of what is going on, in fact we've written about it here on the blog many times. Global networks are under attack from a wide range of enemies, including nation-states, criminal gangs and hackers. At the same time, this network infrastructure is being hit by high-stress application traffic that continues to evolve in complexity. Dig deeper and a vast problem emerges. Our global network infrastructure is rotting from the core.

The global network infrastructure now crumbling under attack and load was never validated to be impervious to this high-stress and malicious traffic. And, no company or organization is impervious to the problem. Recently The New York Times reported that a breach of Google may have reached its password system and global financial services companies, communications networks and even the United States Department of Defense have all felt the crippling effects of brittle networks. It has become readily apparent that the time has come to examine the root of the problem: the deployment of billions of dollars’ worth of devices and applications that are not resilient to live cyber attacks or real-world application load.

Today, BreakingPoint made two announcements addressing this problem, I wanted to provide some background and links to the news and additional resources.

The Issues: Perilous Interconnectivity and Increased Liability

Our world has become dramatically interconnected. Estimates show that by 2013 there will be more than 1 trillion connected devices. The benefits of that interconnectivity are readily evident; however, the threats are equally perilous, with the growth of widespread vulnerabilities and escalating attacks that morph to evade detection. A few things stand out:

Years of neglect of the performance and security of network infrastructure devices have left us all exposed to cyber exploitation, theft and acts of terrorism.
The risks are only escalating, as we witness the theft of billions of dollars and vital intellectual property, as well as increased legal liabilities and threats to national security.
The companies that should be helping with the problem, test vendors, are mired in legacy thinking, believing that their old methods based on simple and megabit-driven networks would translate to testing gigabit-driven and content-aware networks.
Security is often considered “voodoo” or someone else’s problem and not a deterministic science that can be properly measured and then addressed.

The Solution: Hardening the Core Through Cyber Tomography

Cybersecurity is a complex and dynamic discipline filled with more “voodoo” and rhetoric than science and action. While equipment vendors are mired in legacy behavior, our governments are passing legislation demanding more realistic validation of what they call the “resiliency” of cyber infrastructure. Enterprises and service providers are demanding resiliency, and they need the technology and methodologies that allow for efficient detection of previously hidden weaknesses and vulnerabilities in their networks. It is in the face of these challenges that BreakingPoint has today unveiled the world’s first Cyber Tomography Machine (CTM), the BreakingPoint Storm CTM. Cyber Tomography marks the end of unrealistic testing and introduces an era of true measurement of the performance, security and stability of cyber infrastructure devices and systems.

Until now, there was no way to determine how key components of a global network would hold up under crippling conditions, including cyber attack and high-stress application load. Cyber Tomography provides a scientific method of identifying the weaknesses and vulnerabilities of a cyber infrastructure component by measuring its resiliency under cyber attack and high-stress traffic load. Cyber Tomography, like the medical computed tomography (CT) scan, which allowed physicians to visualize the inner workings of the complex human body to detect impossible-to-see abnormalities, is a breakthrough in cybersecurity. To continue with the analogy, the BreakingPoint Storm CTM radiates high-stress assaults into a network infrastructure and provides a visual of any vulnerabilities and weaknesses that occur over time.

BreakingPoint CEO Des Wilson: A Shift Towards Resilient Networks

Today we put out two news releases, the first focused on the advent of Cyber Tomography and the second provided details on the BreakingPoint Storm CTM. BreakingPoint CEO Des Wilson summed up today's momentous news:

“Over the past two decades, legacy testing providers have conspired to provide equipment vendors with hollow tools that make products shine on a data sheet but provide zero deterministic data,” said BreakingPoint CEO Des Wilson. “And, for too long, equipment vendors have grown comfortable sitting on top of these unrealistic performance metrics while their continuous performance and security failures have left us all exposed. The penalties and risks now associated with cyber attacks, data breaches and downtime continue to escalate, while global networks are riddled with stress fractures that simply cannot hold up to the realities of today’s threats and high-stress applications. Now is the time to replace the voodoo of product assurances with proven methodologies and deterministic science.”

“The shift is already happening. New legislation is making its way through the state and federal levels, requiring resiliency certification of IT equipment. Global organizations are demanding a deterministic and ever-current means to measure the security and performance of their next-generation networks. It is this need that BreakingPoint is uniquely positioned to meet with Cyber Tomography. Our ability to simulate real-world applications, real-time security attacks, millions of users and gigabit speeds eliminates the voodoo and rhetoric from cybersecurity, replacing it with actionable intelligence to harden cyber infrastructure.”

You might also notice that we have launched a new website, providing many more resources for enterprises, service providers, government agencies and equipment vendors. Head on over to the news releases and the new site for more information on Cyber Tomography.

Posted by Kyle Flaherty