IT Forum

The Gates of IT Security

IN the year 2010, network security is guaranteed to be vastly different than what people see, deploy and rely on today. Much like the physical security of valuable assets and property has evolved over time, network security also must evolve in order to protect the tangible and intangible assets in today's enterprise.

The rapid growth of exploits against network vulnerabilities and the constant development of new regulatory compliance requirements are just a few of the facets driving the need for change. Today's network security is certainly effective and capable of fulfilling a range of both protective and informative roles within the enterprise, but the pace of change and the pressures affecting the network will drive it in new and interesting directions.

The enormous profit to be gained from exploiting and gaining control of network assets, and ultimately capturing sensitive data is now too great for the attack side of the equation to remain with the casual or glory-seeking hacker. The profit potential not only brings in some of the most deviant criminal minds, but by default it also increases the complexity and sophistication of the attack and, in turn, motivates the criminals to organize and leverage their collective capabilities. The expanding threat landscape, particularly in the area of creativity and complexity, means that the security landscape also must adapt and change.

In the past three to five years, the industry has already seen material shifts in the foundation and logic of how effective network security is developed, deployed and supported. Legacy approaches, such as signature-based (a.k.a. anti-virus) solutions, have already outlived their usefulness, proving to be largely ineffective against today's sophisticated forms of attack. A signature approach to blocking an inbound attack on a company's network requires a knowledge and understanding of each individual attack, making this form of security far too reactive to serve the security needs of organizations today. Today's attacks simply come too fast and too frequent to be blocked by any responsive or reactive measures.

Taking Preventive Measures
Pre-emptive approaches to network security have taken hold in today's network and are addressing the majority of prevalent threats circulating through the Internet. Preemptive security requires an in-depth understanding of not only how networks and network assets operate, but more importantly, how those assets can be exploited. This type of understanding is achieved by researching the inherent vulnerabilities in network protocols, operating systems and business applications. The results from such research then need to find their way into security products and content, thus protecting the network in advance of the presence of the threat. This approach to security is what marked the transition of many security deployments from the role of detecting and alerting attacks on the network to blocking attacks on the network. In this stage, network security moved to an active, integrated role within the framework of the overall data network as opposed to being just an afterthought.

A new challenge surfacing is providing network security with the components required to protect the threatened network by outnumbering the base components that run the network. In the current security deployment model, security devices can conceivably make up a one-to-one ratio on the number of switches, routers and firewalls used within the network. The requirement for and presence of point security solution appliances will soon threaten to exceed the network's ability to integrate and leverage the benefits of the solution.

A Strong Response
It is a given that this solution approach will soon lose its ability to scale and become too cumbersome to deploy and manage, inadvertently introducing another point of vulnerability within the network. Security solutions in the next two to four years must evolve quickly so that the protection continues to stay ahead of the threat and manifest itself in a form that is deployable and digestible by the organizations of tomorrow. In the near term, individual security components will have to share information and direction amongst themselves, versus operating in individual silos as they do today. Response information to a particular attack needs to be shared automatically based on the intelligence that each unit is processing.

Leveraging these near-term advancements, the security framework for 2010 will migrate towards that of a preconfigured, remotely packaged and deployed services-based construct that each organization can tailor and access on demand. Web-based interfaces will be brought to bear and exposed to the ultimate end user, allowing them to quickly configure and integrate a security solution that fits both their network and defense requirements. A "click, provision and protect" process will allow organizations to easily and quickly bring in protection for specific needs such as security for VoIP deployments; protection for a single remote office or a group of remote offices; or specific e-mail protection. The future security solution will remove the burden of box overload and also minimize the cost of ongoing maintenance and updates. Security needs can be turned on and off as required and only impact the network when and where needed -- in a manner that is completely tailored for the needs of the network administrator.

In 2010, separate, isolated security technologies will give way to integrated security platforms that automatically protect organizations against a wide variety of threats. In addition to providing stronger, more comprehensive network protection, such platforms also will significantly streamline security operations and costs. As online attackers gain sophistication, the security industry also must continue to evolve. Moving forward, we cannot rely just on technology to do the job, we'll need to continue to innovate with cutting-edge research and a sharp, creative focus on what the hackers will do next and the easiest ways for organizations to thwart their attempts.

Featured

  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity

Webinars

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3