If you’re a network engineer or have been following some of the recent trends in network security space, you may have come across terms such as “erosion of trust”, “zero trust ecosystem”, “the increased attack surface” and “new attack vectors”. What this means for a network engineer is that as application migrate from on-prem to cloud, and trends like mobility and IoT vastly expand the scale of assets and forms of access to be secured, traditional network security, which historically was centered around securing the perimeter of your network, is no longer sufficient.
I was recently reading the Symantec Internet Security Report. This report has been quite appropriately themed as “2013: Year of the Mega-Breach”. In particular, the Point-of-Sale type of attack, mostly prevalent in the retail segment of the market, is a great indicator of the anatomy of a typical breach. So I’ll use that as an illustrative example for the purposes of this post.