In this lesson we will look at data in transit; data moving from one location to another. Traditionally protocols haven't been designed with security integrated. Using IPv4 as an example; what is built in to secure IPv4? The answer is nothing. There is no built-in element of security wit IPv4. Consequently, we're using a protocol for the movement of data across the internet that has no built-in security. Conversely, IPv6 has been designed with security it is integrated with IPSEC (IP Security), a protocol that is part of the IPv6 protocol. IPv6 was designed to be secure. Important points:
- Most protocols and software are inherently insecure
- We need a new philosophy and support from upper management
IPv4 versus Iv6: - IPv4 was not designed to be secure
- IPV6 was designed fully integrated with IPSEC
Unfortunately, there doesn't appear to be any rush to move over to IPv6. Most organizations are firmly rooted in IPv4 (an inherently insecure protocol). What this means is that we're going to have to find means to make IPv4 more secure. Fortunately, we can take IPSEC and make it backward compatible for IPv4.
Chief Information Security Officer (CISO)
In this CISO training course, you will learn what other CISO's are focusing their time and attention on. Among the key topics, you will learn how to implement the proven best practices that make for successful cyber security leadership.