IT Forum

The Gates of IT Security

IN the year 2010, network security is guaranteed to be vastly different than what people see, deploy and rely on today. Much like the physical security of valuable assets and property has evolved over time, network security also must evolve in order to protect the tangible and intangible assets in today's enterprise.

The rapid growth of exploits against network vulnerabilities and the constant development of new regulatory compliance requirements are just a few of the facets driving the need for change. Today's network security is certainly effective and capable of fulfilling a range of both protective and informative roles within the enterprise, but the pace of change and the pressures affecting the network will drive it in new and interesting directions.

The enormous profit to be gained from exploiting and gaining control of network assets, and ultimately capturing sensitive data is now too great for the attack side of the equation to remain with the casual or glory-seeking hacker. The profit potential not only brings in some of the most deviant criminal minds, but by default it also increases the complexity and sophistication of the attack and, in turn, motivates the criminals to organize and leverage their collective capabilities. The expanding threat landscape, particularly in the area of creativity and complexity, means that the security landscape also must adapt and change.

In the past three to five years, the industry has already seen material shifts in the foundation and logic of how effective network security is developed, deployed and supported. Legacy approaches, such as signature-based (a.k.a. anti-virus) solutions, have already outlived their usefulness, proving to be largely ineffective against today's sophisticated forms of attack. A signature approach to blocking an inbound attack on a company's network requires a knowledge and understanding of each individual attack, making this form of security far too reactive to serve the security needs of organizations today. Today's attacks simply come too fast and too frequent to be blocked by any responsive or reactive measures.

Taking Preventive Measures
Pre-emptive approaches to network security have taken hold in today's network and are addressing the majority of prevalent threats circulating through the Internet. Preemptive security requires an in-depth understanding of not only how networks and network assets operate, but more importantly, how those assets can be exploited. This type of understanding is achieved by researching the inherent vulnerabilities in network protocols, operating systems and business applications. The results from such research then need to find their way into security products and content, thus protecting the network in advance of the presence of the threat. This approach to security is what marked the transition of many security deployments from the role of detecting and alerting attacks on the network to blocking attacks on the network. In this stage, network security moved to an active, integrated role within the framework of the overall data network as opposed to being just an afterthought.

A new challenge surfacing is providing network security with the components required to protect the threatened network by outnumbering the base components that run the network. In the current security deployment model, security devices can conceivably make up a one-to-one ratio on the number of switches, routers and firewalls used within the network. The requirement for and presence of point security solution appliances will soon threaten to exceed the network's ability to integrate and leverage the benefits of the solution.

A Strong Response
It is a given that this solution approach will soon lose its ability to scale and become too cumbersome to deploy and manage, inadvertently introducing another point of vulnerability within the network. Security solutions in the next two to four years must evolve quickly so that the protection continues to stay ahead of the threat and manifest itself in a form that is deployable and digestible by the organizations of tomorrow. In the near term, individual security components will have to share information and direction amongst themselves, versus operating in individual silos as they do today. Response information to a particular attack needs to be shared automatically based on the intelligence that each unit is processing.

Leveraging these near-term advancements, the security framework for 2010 will migrate towards that of a preconfigured, remotely packaged and deployed services-based construct that each organization can tailor and access on demand. Web-based interfaces will be brought to bear and exposed to the ultimate end user, allowing them to quickly configure and integrate a security solution that fits both their network and defense requirements. A "click, provision and protect" process will allow organizations to easily and quickly bring in protection for specific needs such as security for VoIP deployments; protection for a single remote office or a group of remote offices; or specific e-mail protection. The future security solution will remove the burden of box overload and also minimize the cost of ongoing maintenance and updates. Security needs can be turned on and off as required and only impact the network when and where needed -- in a manner that is completely tailored for the needs of the network administrator.

In 2010, separate, isolated security technologies will give way to integrated security platforms that automatically protect organizations against a wide variety of threats. In addition to providing stronger, more comprehensive network protection, such platforms also will significantly streamline security operations and costs. As online attackers gain sophistication, the security industry also must continue to evolve. Moving forward, we cannot rely just on technology to do the job, we'll need to continue to innovate with cutting-edge research and a sharp, creative focus on what the hackers will do next and the easiest ways for organizations to thwart their attempts.

Featured

  • New Research Reveals Global Video Surveillance Industry Perspectives on AI

    Axis Communications, the global industry leader in video surveillance, has released its latest research report, ‘The State of AI in Video Surveillance,’ which explores global industry perspectives on the use of AI in the security industry and beyond. The report reveals current attitudes on AI technologies thanks to in-depth interviews with AI experts from Axis’ global network and a comprehensive survey of more than 5,800 respondents, including distributors, channel partners, and end customers across 68 countries. The resulting insights cover AI integration and the opportunities and challenges that exist with regard to security, safety, business intelligence, and operational efficiency. Read Now

  • SIA Urges Tariff Relief for Security Industry Products

    Today, the Security Industry Association has sent a letter to U.S. Trade Representative Jamieson Greer and U.S. Secretary of Commerce Howard Lutnick requesting relief from tariffs for security industry products and asking that the Trump administration formulate a process that allows companies to apply for product-specific exemptions. The security industry is an important segment of the U.S. economy, contributing over $430 billion in total economic impact and supporting over 2.1 million jobs. Read Now

  • Report Shows Cybercriminals Continue Pivot to Stealthier Tactics

    IBM recently released the 2025 X-Force Threat Intelligence Index highlighting that cybercriminals continued to pivot to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises declined. IBM X-Force observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied heavily on to scale identity attacks. Read Now

  • 2025 Security LeadHER Conference Program Announced

    ASIS International and the Security Industry Association (SIA) – the leading membership associations for the security industry – have announced details for the 2025 Security LeadHER conference, a special event dedicated to advancing, connecting and empowering women in the security profession. The third annual Security LeadHER conference will be held Monday, June 9 – Tuesday, June 10, 2025, at the Detroit Marriott Renaissance Center in Detroit, Michigan. This carefully crafted program represents a comprehensive professional development opportunity for women in security this year. To view the full lineup at this year’s event, please visit securityleadher.org. Read Now

    • Industry Events

  • Report: 82 Percent of Phishing Emails Used AI

    KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today launched its Phishing Threat Trend Report, detailing key trends, new data, and threat intelligence insights surrounding phishing threats targeting organizations at the start of 2025. Read Now

Most   Popular

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.