Engineering Digital Risk Protections Using Software Defined Perimeter

The current state of cyber security is slowly transforming from a compliance-based approach to a risk-based approach. This challenge is increasing the need for information security professionals to understand and be able to explain risk from a business perspective. To do this, requires an understanding of the differences between cyber security, cyber risk and digital risk. This paper addresses digital risk and how the Software Defined Perimeter (SDP) helps to reduce risk from cyber threats. 


Software Defined Perimeter to Prevent DDoS Attacks

The software defined perimeter (SDP) is a new and proven approach to cyber security that prevents network-based attacks, including but not limited to brute force large scale Distributed Denial of Service (DDoS) attacks. Software defined perimeter protects both legacy IT assets and cloud services of all classification levels. This white paper will inform Chief Information Officers (CIOs) of large organizations and agencies how the software defined perimeter works, map the technical design and workflow, describe all its features, identify the protections gained, introduce benchmarks and monitoring, and conclude with the anti-DDoS use case.


Customer Experience Leaders Must Step Up to the Cybersecurity Challenge

This research brief is a transcript of an interview between Connie Moore, Vice President, Research, at Digital Clarity Group, and Juanita Koilpillai, CEO and founder of Waverley Labs, and one of the co-founders of the Digital Risk Management (DRM) Institute. The interview focused on two nascent but important trends for 2017: cybersecurity collaboration and Software Defined Perimeter (SDP). It also underscores the importance of CMOs and other customer experience leaders taking immediate steps to get involved in cybersecurity planning and measures.

Software Defined Perimeter – Specification 1.0

This technical white paper describes the Software Defined Perimeter (SDP) protocol, which is designed to provide on-demand, dynamically provisioned, air-gapped networks. Air-gapped networks are trusted networks that are isolated from all unsecured networks and this may allow them to mitigate network-based attacks. The software defined perimeter can be used in government applications such as enabling secure access to FedRAMP certified cloud networks, as well as commercial enterprise applications such as enabling secure mobile phone access to public clouds.

NIST Cloud Computing Security Reference Architecture SP 500-299

This document helps to demystify the process of describing, identifying, categorizing, analyzing, and selecting cloud-based services for the cloud Consumer seeking to determine which cloud service offering most effectively addresses their cloud computing requirement(s) and supports their business and mission-critical processes and services in the most secure and efficient manner. It was developed as part of a collective effort by the National Institute of Standards and Technology (NIST) Cloud Computing Public Security Working Group and is referred to as NIST Special Publication 500-299. NIST was tasked by the U.S. Chief Information Officer with specific activities aimed at accelerating the adoption of cloud computing. The study collected, aggregated, and validated data for a Public cloud, considering all three cloud service models – Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) – and all cloud Actors (i.e., Consumer, Provider, Broker, Carrier, and Auditor). The NCC-SRA is agnostic with respect to cloud deployment model, and its methodology can easily be applied to Private, Community, or Hybrid clouds.