Key Takeaway
In May 2021, gas stations in the US Southeast faced long lines due to the Colonial Pipeline shutdown, caused by hackers exploiting a legacy VPN account with only single-factor authentication. This incident highlighted vulnerabilities in cybersecurity, as confirmed by then-CEO Joseph Blount during a Senate hearing. A Cisco study revealed that only 33% of IT leaders trust their security measures against identity-based attacks. The traditional notion of a secure network perimeter is outdated, with cloud infrastructure and remote work creating a complex security landscape. Cisco’s VP noted that 94% of leaders believe this complexity undermines overall security.
In May 2021, long lines appeared at gas stations throughout the US Southeast, driven not by a natural disaster but by the shutdown of the Colonial Pipeline.
The hackers’ entry point was surprisingly straightforward. During testimony before the US Senate, then-Colonial Pipeline CEO Joseph Blount revealed that the hackers accessed the system through a single legacy VPN account that lacked essential modern security measures. “In the case of this particular legacy VPN, it only had single-factor authentication,” he explained to senators. One password, without any additional verification, resulted in a declared state of emergency.
This represents the new frontline in cybersecurity. While many envision cyber warfare as intricate code-breaking, the reality is often simpler and more destructive. A recent Cisco study, its 2025 State of Identity Security report, confirmed that this is the primary battleground today, revealing that only 33% of IT leaders trust their current security infrastructure to thwart an identity-based attack.
The collapsed perimeter and the zero trust mandate
The idea of a secure corporate network perimeter is a myth. With cloud infrastructure, numerous SaaS applications, and a global remote workforce, the network edge exists everywhere and nowhere. As Matt Caulfield, Cisco’s VP of Identity & Duo, points out in the report: “94% of leaders believe that complexity in identity infrastructure decreases their overall security.”
Leave a Comment