IT Forum

The Gates of IT Security

IN the year 2010, network security is guaranteed to be vastly different than what people see, deploy and rely on today. Much like the physical security of valuable assets and property has evolved over time, network security also must evolve in order to protect the tangible and intangible assets in today's enterprise.

The rapid growth of exploits against network vulnerabilities and the constant development of new regulatory compliance requirements are just a few of the facets driving the need for change. Today's network security is certainly effective and capable of fulfilling a range of both protective and informative roles within the enterprise, but the pace of change and the pressures affecting the network will drive it in new and interesting directions.

The enormous profit to be gained from exploiting and gaining control of network assets, and ultimately capturing sensitive data is now too great for the attack side of the equation to remain with the casual or glory-seeking hacker. The profit potential not only brings in some of the most deviant criminal minds, but by default it also increases the complexity and sophistication of the attack and, in turn, motivates the criminals to organize and leverage their collective capabilities. The expanding threat landscape, particularly in the area of creativity and complexity, means that the security landscape also must adapt and change.

In the past three to five years, the industry has already seen material shifts in the foundation and logic of how effective network security is developed, deployed and supported. Legacy approaches, such as signature-based (a.k.a. anti-virus) solutions, have already outlived their usefulness, proving to be largely ineffective against today's sophisticated forms of attack. A signature approach to blocking an inbound attack on a company's network requires a knowledge and understanding of each individual attack, making this form of security far too reactive to serve the security needs of organizations today. Today's attacks simply come too fast and too frequent to be blocked by any responsive or reactive measures.

Taking Preventive Measures
Pre-emptive approaches to network security have taken hold in today's network and are addressing the majority of prevalent threats circulating through the Internet. Preemptive security requires an in-depth understanding of not only how networks and network assets operate, but more importantly, how those assets can be exploited. This type of understanding is achieved by researching the inherent vulnerabilities in network protocols, operating systems and business applications. The results from such research then need to find their way into security products and content, thus protecting the network in advance of the presence of the threat. This approach to security is what marked the transition of many security deployments from the role of detecting and alerting attacks on the network to blocking attacks on the network. In this stage, network security moved to an active, integrated role within the framework of the overall data network as opposed to being just an afterthought.

A new challenge surfacing is providing network security with the components required to protect the threatened network by outnumbering the base components that run the network. In the current security deployment model, security devices can conceivably make up a one-to-one ratio on the number of switches, routers and firewalls used within the network. The requirement for and presence of point security solution appliances will soon threaten to exceed the network's ability to integrate and leverage the benefits of the solution.

A Strong Response
It is a given that this solution approach will soon lose its ability to scale and become too cumbersome to deploy and manage, inadvertently introducing another point of vulnerability within the network. Security solutions in the next two to four years must evolve quickly so that the protection continues to stay ahead of the threat and manifest itself in a form that is deployable and digestible by the organizations of tomorrow. In the near term, individual security components will have to share information and direction amongst themselves, versus operating in individual silos as they do today. Response information to a particular attack needs to be shared automatically based on the intelligence that each unit is processing.

Leveraging these near-term advancements, the security framework for 2010 will migrate towards that of a preconfigured, remotely packaged and deployed services-based construct that each organization can tailor and access on demand. Web-based interfaces will be brought to bear and exposed to the ultimate end user, allowing them to quickly configure and integrate a security solution that fits both their network and defense requirements. A "click, provision and protect" process will allow organizations to easily and quickly bring in protection for specific needs such as security for VoIP deployments; protection for a single remote office or a group of remote offices; or specific e-mail protection. The future security solution will remove the burden of box overload and also minimize the cost of ongoing maintenance and updates. Security needs can be turned on and off as required and only impact the network when and where needed -- in a manner that is completely tailored for the needs of the network administrator.

In 2010, separate, isolated security technologies will give way to integrated security platforms that automatically protect organizations against a wide variety of threats. In addition to providing stronger, more comprehensive network protection, such platforms also will significantly streamline security operations and costs. As online attackers gain sophistication, the security industry also must continue to evolve. Moving forward, we cannot rely just on technology to do the job, we'll need to continue to innovate with cutting-edge research and a sharp, creative focus on what the hackers will do next and the easiest ways for organizations to thwart their attempts.

Featured

  • It's Show Time

    I am one of those people that likes to see things get bigger and better. As advertised, ISC West is going to be bigger (more exhibitors) and better (more attendees). It’s show time in Las Vegas. Read Now

    • Industry Events
    • ISC West

  • SIA Releases New Report on Operational Security Technology

    The Security Industry Association (SIA) has released an impactful new resource – Operational Security Technology: Principles, Challenges and Achieving Mission-Critical Outcomes Leveraging OST. Read Now

  • Cyber Overconfidence Is Leaving Your Organization Vulnerable

    The increased sophistication of cyber threats pumped by the relentless use of AI and machine learning brings forth record-breaking statistics. Cyberattacks grew 44% YoY in 2024, with a weekly average of 1,673 cyberattacks per organization. While organizations up their security game to help thwart these attacks, a critical question remains: Can employees identify a threat when they come across one? A Confidence Gap survey reveals that 86% of employees feel confident in their ability to identify phishing attempts. But things are not as rosy as they appear; the more significant part of the report finds this confidence misplaced. Read Now

  • Mission 500 Debuts Refreshed Identity Ahead of Security 5K/2K at ISC West

    Mission 500, the security industry’s nonprofit charity dedicated to supporting children in need across the US, Canada, and Puerto Rico, has unveiled a refreshed brand identity ahead of ISC West. The charity’s new look includes a modernized logo with refined messaging to reinforce Mission 500’s nearly decade-long commitment to serving the needs of children and families in crisis. Read Now

    • Industry Events
Most   Popular

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance.