The network perimeter is dead. Now what?

The National Cyber Security Centre (NCSC)’s recent advisory detailing how the Russian cyber actor APT28’s exploited vulnerable routers to enable DNS hijacking highlights a dangerous blind spot in enterprise security today.
Traditional perimeter-based security models are increasingly failing at the edge, and this should be uncomfortable reading for any security leader still anchoring their strategy to perimeter defense.
This is the same story we saw play out in 2024, when Chinese state sponsored bad actors linked to Volt Typhoon exploited an unpatched, end-of-life FortiGate 300D firewall to compromise a domain admin account, escalate privileges, create a new user, and establish persistence deep enough to survive a device restart.
One unpatched edge device. One breach vector. Total access. The perimeter didn’t just fail; it handed attackers the keys. According to the FBI, this breach remained undetected for over 300 days, and the same exploit was used to gain access to over 100 separate utility companies across the US.
These two incidents aren’t outliers. They’re a pattern. And the pattern is telling us that the old model is finished. Add to this the recent news about the power and sophistication of the latest generation of agentic AI tools such as Anthropic’s Claude Mythos, and it really is time to act quickly.
The problem with perimeter thinking
Legacy security was built on a simple assumption: draw a line between trusted internal systems and untrusted external ones, defend the line, and you’re protected. It made sense when company data lived in on-premises data centers and employees showed up to the office. The boundary was real and defensible.
That world is gone. Edge nodes are now everywhere; in factories, retail stores, utility substations, and customer premises, and the clean network borders of the past have either blurred or disappeared entirely. Edge devices themselves rarely have dedicated security capabilities. IoT and OT systems in particular frequently lack the robust features needed to detect and resist advanced threats.
Worse, software-based management tends to fail precisely when it matters most. When the software layer is compromised or unresponsive, organizations lose visibility and control at the exact moment they can least afford to.
Then there’s credential theft. According to Verizon’s 2025 Data Breach Investigations Report, the human element is a factor in 60% of breaches and attackers have become highly effective at exploiting it. They don’t need to break in, they walk in, using legitimate credentials, through the front door.
Once inside, now often augmented by AI capabilities, they move laterally from a single-entry point across operational systems, compromising entire environments in minutes. A security architecture built around password authentication offers almost nothing against this type of attack.
What resilience actually looks like
The security conversation has shifted. For years the focus was on keeping attackers out. That is still necessary, but it’s no longer sufficient. What organizations are increasingly recognizing is that resilience depends just as much on what happens after a compromise; specifically, whether security teams retain visibility and control when it counts.
Lost visibility during an incident, even a contained breach, can quickly spiral and escalate. This is driving a serious rethink of how distributed infrastructure is managed, particularly as edge environments extend further across factories, retail locations, utilities and a myriad of remote sites.
Out-of-band management (OOBM) is one approach gaining real traction here. Rather than relying on the production network for management traffic, OOBM operates on an entirely separate, highly secure parallel path. That means that even when the main network is compromised or down, edge devices remain manageable, visible and controllable.
Crashed devices can be remotely rebooted, or even re-configured. Powered-off devices can still be reached. And critically, administrative access is separated from the primary production network targeted by attackers, thereby reducing exposure to the credential-based attacks that are now the most dominant breach vector.
The operational benefits are real too: fewer costly emergency site visits, faster data recovery times, and preserved control during high-pressure incidents when software management tools have gone dark.
The reckoning
What’s becoming clear is that perimeter security, on its own, is no longer a viable strategy. The edge has expanded too far, credentials are too easily stolen, and attackers are too fast once they’re in.
The organizations that will weather the next wave of incidents aren’t necessarily those with the most sophisticated perimeter defenses. They’re the ones that have accepted the compromise will happen and built the visibility, control and recovery capability to deal with it when it does.
Everyone else is building blind spots. And attackers, increasingly, know exactly where to look.
We've reviewed and ranked the best password managers.
This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit
This is a preview from the original publisher. Continue reading at the source:
Read Full Article on techradar.com →
