Industry Perspectives

Real-World Tests, Real-World Results: Are You Building Another Maginot Line?

Today we are releasing “Cybersecurity’s Maginot Line: A Real-world Assessment of the Defense-in-Depth Model.” The report is a first-of-its kind analysis of real-world data spanning more than 1,217 organizations in 65 countries across more than 20 industries. It reveals a deeply flawed defense-in-depth model, at least as it’s commonly deployed. In short, most of today’s top-selling security tools fail to protect 97 percent of organizations that deploy them.

The only true test of a product is in a real-world setting. Our data comes from organizations testing FireEye network and email appliances, but not yet fully protected by the FireEye platform. Because FireEye sits behind all conventional security defenses, the tests provide a unique vantage point to observe other security layers in action.

In other words, any threats observed by FireEye in these tests have passed through all of an organization’s other security layers.

We call this state of affairs the new Maginot Line. That’s because it reminds us of France’s famed 940-mile string of deep-earth bunker fortresses, anti-tank obstacles, and barbed-wire entanglements built to fend of Germany in the run-up to World War II.

It was expensive and futile. Germany sidestepped the line using a novel blitzkrieg-style attack through Belgium. The French military, which had diverted much of its budget to the line, could not mount an effective defense.

Today, many organizations face a similar problem. They spend billions of dollars every year on defense-in-depth IT security architecture. And attackers are easily stepping around them.

As our report shows, it doesn’t matter what types of signature-based firewall, intrusion prevention system (IPS), Web gateway, sandbox, and endpoint systems make up your Maginot Line. Attackers are circumventing them all.

So what should organizations do? For one, they need a new approach to securing their IT assets. For many, that means reducing waste on redundant, backward-looking technology and redeploying those resources on defenses designed to find and stop today’s advanced attacks.