Organizations should accept that they'll be breached and protect their data based on that assumption, he said. "It's easy to get into a bank," he said. "What's hard is getting to the money, because it's in a safe."
Not everyone agrees with Gonen's analysis. "Better perimeter solutions are needed that are effective and workable," George Tubin, a senior security strategist with Trusteer, a Boston-based cyber security company said in an interview.
"That's the direction we need to go instead of throwing up our hands and saying, 'Let's figure out what to do after the breaches happen because we can't stop them,'" he said.
The new perimeter is made up of the endpoints of the network, he added. "That's where the battleground is," he said. "You have to beat the criminals there and not allow them to compromise that device."
Read more about data protection in CSOonline's Data Protection section.