I was recently invited to participate in a closed Congressionally-mandated meeting of a dozen or more intelligence and technology experts to discuss what the research and development priorities of the U.S. Intelligence Community should be for the next 10 years. While a lot of ideas were tossed about and shot down, one of a handful that rose to the surface was the need to re-think our security paradigm from the long-standing one of trying to keep bad guys out of our networks to assuming that they're already inside. This is known in government circles as "Assumption of Breach". Debora Plunkett of the NSA's Information Assurance Directorate has said as much back in December, 2010. Price Waterhouse Coopers has been an advocate of that strategy as well. New startups are basing their entire business model on an Assumption of Breach focus. Such a strategy involves multiple new tactics but two are key: enhanced threat intelligence and how to prevent critical data from leaving your network.
My next book for O'Reilly Media "Assumption of Breach - the New Security Paradigm" will explore how we arrived at this point, the latest thinking from the U.S. Intelligence Community on this topic via interviews with former and current officials, and provide strategic advice on how companies should establish a ranking system similar to how the U.S. government classifies documents (Top Secret, Secret, Confidential, FOUO) and place appropriate security controls on their data.
Hopefully, the book will be completed and available for sale by the end of this year although the final decision on that is up to O'Reilly Media. If you'd like to stay up-to-date on how the book is progressing, when pre-orders are available, etc., just follow me on Twitter.