The Edge: How Do I Know I’ve Found It?

Peter Bookman, GUARDDOG AI Founder and CEO

In 2020, I authored an article on LinkedIn titled “Welcome to Edge Territory” (“Welcome to Edge Territory – the Hidden Space Between Networks,” LinkedIn). The blog was intended to start a series exploring the complexities of edge computing. The idea still intrigues me, and I am considering revisiting it—perhaps as a podcast series. One of the more startling insights from that blog was the projected $10 trillion in damages by 2025, a figure we are now on track to exceed by the end of 2024. Despite $300 billion a year being spent on prevention, this exponential growth in damage continues to outpace our efforts.

I defined “edge territory” as “the unmapped space beyond the network edge between environments, where secured and unsecured networks and devices collide.” I still find that definition fitting, though I would add that we continually discover new edges beyond what was previously understood. These evolving threats extend beyond manageable devices to unmanaged IoT and edge scenarios in cloud and data center deployments. 

So, the critical question becomes: Where can I find the edge? The edge is everywhere, constantly shifting based on how we use new computing concepts and remain productive in our daily lives, individually and organizationally. 

This dynamic presents a challenge that I highlighted in that earlier blog. The seen and unseen spaces at the edge invite us to cooperate more closely as a community and marketplace. I am thrilled to collaborate with other leaders working tirelessly to provide solutions for visibility and response in edge scenarios. Both attackers and defenders are keenly aware of how vulnerable we are. 

Since 2020, the number of known exploits has grown exponentially. The challenge posed by bounties and threat hunting has been met with increasingly sophisticated tools, making discovery more effective for both attackers and cybersecurity teams. One article noted that quarterly disclosed additions to the Common Vulnerabilities and Exposures (CVE) database surged from 8,051 in 2021 to 26,447 in 2022—a staggering 320% year-over-year increase. By January 2024, the CVE database had reached 176,000 entries; as I write this, the number has surpassed 240,000.

What stands out about the edge is how exponential growth is clear across the board: in losses, spending, and the number of identified vulnerabilities. 

Addressing cybersecurity at the edge requires finding the necessary solutions for visibility and response. I want to take a moment to acknowledge and express gratitude to the many vendors, service providers, and companies on the front lines of what can only be described as a war zone in edge territory. A comprehensive approach to edge security might involve intrusion detection systems, Security Operations Centers (SOCs), firewalls, security system management, endpoint management solutions, log management solutions, event management solutions, and strategies for reducing the time it takes to respond to an event detected by a tool or a professional.

I also want to highlight the incredible leaders and solutions in the Extended Detection and Response (XDR) space. They focus on device vulnerabilities and work diligently to reduce the mean time to detect and contain threats, using AI and other advanced technologies. For those on the front lines, I hope to bring more awareness to the sheer volume of activity and effort needed to stay ahead of the identified exploits that threaten organizations and individuals. Malicious actors’ use of AI or Machine Learning Models (MLLs) is a growing concern, underscoring that edge territory is constantly evolving.

A comprehensive approach to edge cybersecurity should begin with network awareness and extend to every connected device. This is a daunting challenge, as most organizations struggle to gather the necessary tools and ability to optimize awareness and response. Recent reports, such as one from Google’s Mandiant, show that the average dwell time—the time it takes to detect a cyber intrusion—has dropped to a record low of 2.24 months. 

As we continue to navigate edge territory, we, as a community, are working together more effectively to observe, identify, protect, and respond. This collective effort can potentially reduce the exponential growth of damage and chart a different course for the future. 

Recent reports, like Sophos’ 2024 State of Ransomware in Healthcare, highlight the rapid increase in attacks on healthcare organizations, with incidents rising from 34% in 2021 to 67% in 2024. These statistics serve as a stark reminder that edge territory is expanding and becoming increasingly dangerous. 

Combining attack vector and attack surface information offers a holistic view of edge territory. At the network level, monitoring vulnerabilities and traffic makes response possible. At the device level, observability from the network through the application and data layers covers every aspect of edge territory.

One reason the edge continues to evolve and grow is the expansion of connected services and digital assets. As one analyst from Silicon Angle recently noted, “The edge is now space.”

I am excited to join my team in applying AI more holistically across edge-to-edge scenarios, offering greater visibility and empowering organizations to respond faster than ever with more connected analytics. With our DCX Offering, we have extended our awareness edge-to-edge and now provide automated detection and containment through isolation. This adds value to any existing solution, creating unprecedented metrics for success, with over 240,000 incidents detected and contained last year alone. 

We are proud to collaborate with our partners, vendors, and industry leaders to improve awareness and make edge territory more visible and approachable for any organization.