Cyberspace in 2017 – decades after its creation – remains a free-fire zone. A multiplicity of actors, the absence of norms and inadequate cybersecurity standards that fail to mitigate the modern kill chain creates the perfect storm for a simmering online insurgency quickly picking up steam. Sophisticated cyber espionage campaigns carried out by nation states are escalating, from Pawnstorm to the MenuPass Group. Meanwhile, individuals – for a variety of reasons – are turning toward organized hacktivism.

For the forseeable future, governments won’t – and may not be able to – civilize the new cyberspace, and this necessitates a defensive paradigm shift. Perimeter security is no longer sufficient. What we need is a cybersecurity architecture that mimics a SuperMax prison.

Doing so requires a deeper understanding of how attackers attack, and what they do once they are inside the castle walls. You have to know your network inside and out.