“I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.”
Robert S. Mueller, Director of the Federal Bureau of Investigation.
OSS the world over hold highly privileged information that needs heavily fortified information security. Moreover, these OSS operate through connectivity to a CSP’s network assets via tightly restricted network management channels.
I don’t profess to be a security expert, but I have friends and colleagues who are. They tell me that the market leaders in perimeter security products have all been compromised, as emphasised in this report by TrustedImpact.
Do you rely on your network to protect specific host systems from malicious content rather than using host-based protection mechanisms? If your OSS security strategy relies heavily on perimeter security (i.e. monitoring ingress/egress points only), then your OSS may have already been compromised.
With the interconnectedness of your distributed OSS servers / applications as well as the broad geographical spread of your DCN (Data Control Network), authentication is unlikely to be restricted to trusted relationships on local systems. And as TrustedImpact’s report indicates, if the keys to the gates are widely available then it now “becomes important to have the skills, tools and ability to detect and remove malicious activity on the inside.”
Have you already re-considered your approach to OSS security in light of the de-perimeterisation issue being targeted by the Jericho Forum?