IT Forum

The Gates of IT Security

IN the year 2010, network security is guaranteed to be vastly different than what people see, deploy and rely on today. Much like the physical security of valuable assets and property has evolved over time, network security also must evolve in order to protect the tangible and intangible assets in today's enterprise.

The rapid growth of exploits against network vulnerabilities and the constant development of new regulatory compliance requirements are just a few of the facets driving the need for change. Today's network security is certainly effective and capable of fulfilling a range of both protective and informative roles within the enterprise, but the pace of change and the pressures affecting the network will drive it in new and interesting directions.

The enormous profit to be gained from exploiting and gaining control of network assets, and ultimately capturing sensitive data is now too great for the attack side of the equation to remain with the casual or glory-seeking hacker. The profit potential not only brings in some of the most deviant criminal minds, but by default it also increases the complexity and sophistication of the attack and, in turn, motivates the criminals to organize and leverage their collective capabilities. The expanding threat landscape, particularly in the area of creativity and complexity, means that the security landscape also must adapt and change.

In the past three to five years, the industry has already seen material shifts in the foundation and logic of how effective network security is developed, deployed and supported. Legacy approaches, such as signature-based (a.k.a. anti-virus) solutions, have already outlived their usefulness, proving to be largely ineffective against today's sophisticated forms of attack. A signature approach to blocking an inbound attack on a company's network requires a knowledge and understanding of each individual attack, making this form of security far too reactive to serve the security needs of organizations today. Today's attacks simply come too fast and too frequent to be blocked by any responsive or reactive measures.

Taking Preventive Measures
Pre-emptive approaches to network security have taken hold in today's network and are addressing the majority of prevalent threats circulating through the Internet. Preemptive security requires an in-depth understanding of not only how networks and network assets operate, but more importantly, how those assets can be exploited. This type of understanding is achieved by researching the inherent vulnerabilities in network protocols, operating systems and business applications. The results from such research then need to find their way into security products and content, thus protecting the network in advance of the presence of the threat. This approach to security is what marked the transition of many security deployments from the role of detecting and alerting attacks on the network to blocking attacks on the network. In this stage, network security moved to an active, integrated role within the framework of the overall data network as opposed to being just an afterthought.

A new challenge surfacing is providing network security with the components required to protect the threatened network by outnumbering the base components that run the network. In the current security deployment model, security devices can conceivably make up a one-to-one ratio on the number of switches, routers and firewalls used within the network. The requirement for and presence of point security solution appliances will soon threaten to exceed the network's ability to integrate and leverage the benefits of the solution.

A Strong Response
It is a given that this solution approach will soon lose its ability to scale and become too cumbersome to deploy and manage, inadvertently introducing another point of vulnerability within the network. Security solutions in the next two to four years must evolve quickly so that the protection continues to stay ahead of the threat and manifest itself in a form that is deployable and digestible by the organizations of tomorrow. In the near term, individual security components will have to share information and direction amongst themselves, versus operating in individual silos as they do today. Response information to a particular attack needs to be shared automatically based on the intelligence that each unit is processing.

Leveraging these near-term advancements, the security framework for 2010 will migrate towards that of a preconfigured, remotely packaged and deployed services-based construct that each organization can tailor and access on demand. Web-based interfaces will be brought to bear and exposed to the ultimate end user, allowing them to quickly configure and integrate a security solution that fits both their network and defense requirements. A "click, provision and protect" process will allow organizations to easily and quickly bring in protection for specific needs such as security for VoIP deployments; protection for a single remote office or a group of remote offices; or specific e-mail protection. The future security solution will remove the burden of box overload and also minimize the cost of ongoing maintenance and updates. Security needs can be turned on and off as required and only impact the network when and where needed -- in a manner that is completely tailored for the needs of the network administrator.

In 2010, separate, isolated security technologies will give way to integrated security platforms that automatically protect organizations against a wide variety of threats. In addition to providing stronger, more comprehensive network protection, such platforms also will significantly streamline security operations and costs. As online attackers gain sophistication, the security industry also must continue to evolve. Moving forward, we cannot rely just on technology to do the job, we'll need to continue to innovate with cutting-edge research and a sharp, creative focus on what the hackers will do next and the easiest ways for organizations to thwart their attempts.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3