Computing in compromised environments: Beyond the castle model of cyber-security

David Skillicorn, Christian Leuprecht, Victoria Tait

Research output: Book chapter/Published conference paperChapter (peer-reviewed)peer-review

Abstract

The predominant metaphor for secure computing today is defence in depth: higher, better layers of walls. This article explains why that approach is as outmoded for cybersecurity today as it became for physical security centuries ago. Three forces are undermining the castle model as a practical security solution. First, organizations themselves tear down their walls and make their gateways more porous because it pays off in terms of better agility and responsiveness—they can do more, faster and better. Second, technological developments increasingly destroy walls from the outside as computation becomes cheaper for attackers, and the implementation of virtual walls and gateways becomes more complex, and so contains more vulnerabilities to be exploited by the clever and unscrupulous. Third, changes in the way humans and technology interact, exemplified (but not limited to) the Millennial generation, blur and dissolve the concepts of inside and outside, so that distinctions become invisible, or even unwanted, and boundaries become annoyances to be circumvented. A new approach to cybersecurity is needed: Organizations and individuals need to get used to operating in compromised environments. The article’s conclusion operationalize this strategy in terms of a paradigm shift away from a Castle Model and towards a more nuanced form of computation and data assurance.
Original languageEnglish
Title of host publicationExploring the Security Landscape
Subtitle of host publicationNon-Traditional Security Challenges
EditorsAnthony J Masys
Place of PublicationCham, Switzerland
PublisherSpringer
Pages249-265
Number of pages17
Edition1st
ISBN (Electronic)9783319279145
ISBN (Print)9783319279138, 9783319802404
DOIs
Publication statusPublished - 2016

Publication series

NameAdvanced Sciences and Technologies for Security Applications
PublisherSpringer
ISSN (Print)1613-5113
ISSN (Electronic)2363-9466

Fingerprint

Dive into the research topics of 'Computing in compromised environments: Beyond the castle model of cyber-security'. Together they form a unique fingerprint.

Cite this