Published in CIO Europe / Banking CIO Outlook.
The idea of making the internet or corporate network dark has gained serious momentum since the introduction of Software Defined Networking (SDN). This has enabled a new concept called Software Defined Perimeter (SDP) — or what some practitioners are calling BlackCloud.
The concept is simple but powerful: rather than building bigger walls around your network, you make the network itself invisible. No open ports. No exposed services. No attack surface for adversaries to probe.
SDP works by requiring authentication and authorisation before any network connection is established. A controller validates identity, device posture, and context. Only then is a dynamic, encrypted, point-to-point connection created between the user and the specific application they need. The network never becomes visible.
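The authorise-before-connect flow described above, as an added sketch that is not from the article or from any SDP product: a controller that denies by default and issues a short-lived grant for one application, and a gateway that ignores any connection attempt without a valid grant. The policy fields, the HMAC grant format, the shared key and all sample values are assumptions made for this illustration.

```python
import base64, hashlib, hmac, json, time

CONTROLLER_KEY = b"constructed-demo-key"  # assumption: key shared by controller and gateway
GRANT_TTL = 60                            # seconds a grant stays valid

# Constructed policy: (user, application) -> posture and context requirements.
POLICY = {
    ("alice", "payments-api"): {"min_patch_level": 3, "allowed_countries": {"GB", "DE"}},
}

def _sign(body):
    return hmac.new(CONTROLLER_KEY, body, hashlib.sha256).hexdigest().encode()

def authorize(user, mfa_ok, device, context, app, now=None):
    """Controller: default deny. Returns a signed grant for ONE application, or None."""
    now = time.time() if now is None else now
    rule = POLICY.get((user, app))
    if rule is None or not mfa_ok:                       # identity
        return None
    if not device.get("disk_encrypted") or \
       device.get("patch_level", 0) < rule["min_patch_level"]:   # device posture
        return None
    src = context.get("src_ip")
    if not src or context.get("country") not in rule["allowed_countries"]:  # context
        return None
    claims = {"user": user, "app": app, "src": src, "exp": now + GRANT_TTL}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return body + b"." + _sign(body)

def gateway_accepts(grant, app, src_ip, now=None):
    """Gateway: no response unless the grant is authentic, unexpired,
    and scoped to this application and this source address."""
    now = time.time() if now is None else now
    if not grant or grant.count(b".") != 1:
        return False
    body, tag = grant.split(b".")
    if not hmac.compare_digest(tag, _sign(body)):        # verify before parsing
        return False
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims["app"] == app and claims["src"] == src_ip and now < claims["exp"]

if __name__ == "__main__":
    dev = {"disk_encrypted": True, "patch_level": 4}     # constructed device report
    ctx = {"country": "GB", "src_ip": "198.51.100.7"}    # constructed context
    grant = authorize("alice", True, dev, ctx, "payments-api")
    print("payments-api:", gateway_accepts(grant, "payments-api", "198.51.100.7"))
    print("hr-portal:   ", gateway_accepts(grant, "hr-portal", "198.51.100.7"))
```

The grant is bound to one application and one source address, so a valid grant for one service gives no reachability to any other.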
Why this matters now
Traditional perimeter security assumes that threats come from outside. But in a world of cloud applications, mobile workers, and supply chain compromises, the perimeter has dissolved. Attackers are already inside — whether through compromised credentials, third-party access, or lateral movement from an initial foothold.
The BlackCloud model neutralises these attack paths. Without a network to move laterally through, attackers have nowhere to go. Without open ports to scan, there is no attack surface to map. The infrastructure simply doesn’t exist from the adversary’s perspective.