Deperimeterisation celebrates first birthday

The concept of making data secure at every level, rather than just securing the edges of networks, is gaining ground, according to the Jericho Forum
Written by Dan Ilett, Contributor

The Jericho Forum, the information security group campaigning for better products, is one year old on Friday.

The group was formed by a group of FTSE 1,000 chief security officers (CSOs) who wanted to take the lead in thinking of ways to develop IT security, especially the concept of deperimeterisation -- making data secure at every level, rather than just securing the edges of networks -- according to the Jericho Forum.

Paul Simmonds, global information security director for ICI and a Jericho Forum co-founder, said that understanding of deperimeterisation had grown in the 12 months since the Forum invented the concept.

"Now if you type deperimeterisation into Google, it comes up with thousands of hits," Simmonds told ZDNet UK.

"We've achieved phenomenal things in the year," Simmonds added. "I suppose the key thing is that people are talking about deperimeterisation. A year ago people weren't discussing what we needed them to, which was how we improve security. All we were talking about was tactical things like patching and intrusion prevention. It was all reactionary."

The Jericho Forum is about to publish a White Paper on perimeterless networks and what its members must produce to achieve this.

When the group formalised last year and started to charge for membership it promised to open its doors to vendors, something Simmonds said it still intends to do.

"We will allow vendors in because now we've defined the problem," he said. "We always said we would once we'd done that. The hope is that vendors are joining for the right reasons and that is that they want to participate. From a vendor point of view they will probably want to sell us the right products."

In a statement, the Jericho Forum said part of its vision was to ensure shared security services, to avoid the cost of building services in each company and to make products conform to open security standards to simplify security management.

Editorial standards