One item that really bugs me is to hear IT and Cyber Security professionals espouse that the perimeter is dead and that Cyber Security professionals should stop focusing on tools that protect the non-existing perimeter. I was at a lunch with a fellow CISO a few months back and he had invited his CIO to lunch with us. The CIO had recently attended a seminar where they talked about the perimeter no longer existing and he was truly wondering if he could just get rid of his firewalls. It was a fun conversation but also a bit scary to me that the conversation actually had to take place. The reality is that while the perimeter has changed we still host most of our systems and data in a data center or in multiple data centers and whether these data centers are on premise or in the cloud they still have a perimeter that needs protected. Bad actors, both external and internal need to be kept out of areas they have no business being in. To do that requires a strong perimeter consisting of next-generation firewalls such as the ones Palo Alto or CISCO provides. These first line perimeter defense tools should alert into your Security Alert tool (such as QRadar or Splunk) and should also be running Intrusion Prevention and WildFire type of technologies.
The Perimeter exists, heck in most organizations an argument could be made that multiple perimeters exist. Let’s quit saying that there is no Perimeter as the people we are tasked with protecting don’t need to be walking around thinking that they can get rid of their perimeter protection tools.