Last year at Black Hat USA 2014 we met up with a company that was looking to make some changes in the way we protect our data, Ionic Security. The concept was very simple, but the implementation was sure to be complex. I was not sure that what they wanted to accomplish could even happen. However, after a conversation with them I became more than interested. It was a simple concept, but it did not need to be overly complex. To make things even more interesting this was not a truly new idea, but it was one that had never been implemented for real data security.
One of the truths in security is that while an attacker can stay hidden they can continue to operate. In short, if you do not know about something, there is nothing you can do. Now you would think that this fact would encourage firms to talk about breaches and hacks more openly, but this is still not the case. One of the things I have seen over the years is that every company operates as an island. They do not share threat information (they might share your private data, but not threat information). This has created an environment where threat actors can continue to maintain attacks even after discovery at a different location. It is also why we tend to see the same threat vectors used over and over again.