Traditionally, companies have sought to create a hardened IT network perimeter that kept all potential cyber threats out and to protect organisations through the use of network security platforms such as firewalls. In the modern context, however, this has become a restrictive and dangerous approach and I will explain why.
What we think of as traditional firewalls are only really able to inspect unencrypted traffic. This means that attackers will use encrypted communications to exploit and maintain control over assets. Attackers have also moved to exploit changes in application design and implementation, and use network paths between application components that traverse internal data centre and cloud networks.