The security year ahead

Shaul Efraim, VP products and marketing, Tufin Technology

In 2011, network security teams will find themselves managing more firewalls from multiple vendors. Those firewalls will be serving multiple purposes, ranging from traditional perimeter security to the segmentation of internal networks. The resulting configuration change management requirements will force teams to plan and execute faster, smarter and more accurately. Integrating, adapting and managing a diverse network of firewalls from multiple vendors is a costly, time-consuming and monumental task for any organisation's IT security team.

This is where the need for central management and automation comes in. The progress made along these lines in 2009 and 2010 will become mainstream in 2011, allowing for the effective management of multiple firewalls, routers and switches across different vendors so companies can see the bigger picture while dramatically cutting the time and costs associated with managing each piece of the puzzle. Teams that can do a better and faster job of managing security and compliance will be better equipped to deal with the emerging threats of 2012 and beyond - and there will be plenty of those!

Brian Chess, founder and chief scientist, Fortify Software

A smart use of software security assurance (SSA) is to evaluate the software of any company being acquired and to negotiate a price break if investment is needed to make that software more secure. Systems integrators and outsourcers should be held to a standard of security and deploy SSA to ensure it; and their customers should demand nothing less from them because otherwise they themselves assume all the risk.

The Google/China hack is an example of how insider threats are amplified in a tighter economy where jobs are harder to come by and layoffs are rampant. Major financial institutions are acknowledging the vulnerability of software to insider threats.

Risk is also very high for Twitter, which is creating a new market that has no value at the moment. The market risk has come down but the security risk has skyrocketed and is a corresponding upward trend. Uber-investing in security early on would have been a waste of time and money. At some point the two graphs crossed: the market risk went down and the security risk went up.

Calum Macleod, EMEA Director, Venafi

There will be a major increase in the deployment of encryption technology, primarily in the use of encryption certificates and keys. Encryption inventories will likely grow from between 30% and 50% year on year in large organisations. Encryption is becoming a de facto requirement so expect a major growth in the acquisition of certificate and key generation technology.

Encryption key and digital certificate management is another trend. Companies are starting to encrypt everything that moves, so it is more critical that they manage the encryption assets. Companies have no systems in place today and rely on manual management processes to track where the certificates and keys are, what the dates are for their active lifetimes, how they were generated, etc.

More chief security officers will end up on the dole in 2011. Too many organisations are failing to address encryption management effectively because it is in the hands of a few staff whose prime objective is to protect their own domain rather than get a grip on key management, segregation of duties, access controls, etc.

Finally, the trend towards cloud computing will force organisations to reassess how they manage security in the cloud. Traditional methods of managing and distributing keys and certificates are simply not viable in a virtualised cloud environment.

Amichai Shulman, CTO, Imperva

Nation-sponsored hacking, as embodied in the Stuxnet worm, will build on concepts and techniques from the commercial hacker industry to create more powerful advanced persistent threats (APT).

There will be more data theft, and security breaches will be tied to insiders. The cause of the trend will be the emphasis put on new regulations covering the act of notification and disclosure (rather than the actual protection of data).

Social network security will improve this year. Prominent social networks and tools will place more effort on security rather than privacy.

File security will become more important. It will be driven by a greater number of data breaches where compromised data is in the form of files rather than database records.

Data security will go to the cloud. There will be an increase in application security offerings in the cloud and we will see some early security in the cloud offerings.

Cybersecurity will turn into a business process. Chief information security officers and security professionals generally will need to  become business process experts so they can protect data as it flows through the enterprise.

Hackers will start feeling the heat. In response, the hacking industry will consolidate, with amateurs shutting down and larger, organised groups joining together.

There will also be a convergence of data security and privacy regulation worldwide. As more governments implement data security and privacy laws, a convergence will take place worldwide.

Daniel Joseph Barry, vice-president of marketing, Napatech

The main challenge in 2011 will be keeping up with the dual challenge of detecting more sophisticated attacks and detecting them at higher speeds. Cybercrime is becoming more sophisticated, with an increasing number and variety of attacks. According to Trend Micro, the number of unique malware samples has exploded in the last 10 years. This trend will continue and require more powerful network security appliance solutions capable of detecting and blocking the vast number of unique malware samples before they cause problems in the network.

According to the Atlas Observatory, internet data traffic is growing between 40% and 60% every year. This means that in two years, internet data traffic will double, and within six years we will see 10 times the internet traffic we see today.

In short, there will be a lot more data to examine and a lot less time to react. It also means that if a threat is not detected in time, it will be able to proliferate throughout the network in a matter of milliseconds.

Phil Lieberman, president and CEO, Lieberman Software

In-house and internal threats will be a big element in 2011 as organisations begin to understand that anti-virus/malware/phishing software is no longer effective. There will be an epiphany that critical infrastructure is under constant attack and that there is a serious need to implement more comprehensive security software and human assets to counter the expanding security threats. This will translate to a widespread realisation that modernisation of infrastructure and enhanced education in human resources to implement these systems are necessary.

In 2011 we will also see a change in mindset for security from a series of checkboxes and point-in-time compliance to a new way of thinking: continuous compliance.

There will also be a massive shift from Windows XP to Windows 7 as companies realise the impossibility of trying to protect XP against security threats. This year many software companies will discontinue XP support for their applications.

Software companies will try to grab ever higher levels of revenue for support and upgrades in 2011. This will be helped by small companies realising their inability to create secure solutions.

There will be a massive wave of hardware upgrades to support modern and secure operating systems, new sales of cloud offerings as SMEs realise the advantages of cloud computing, and enhanced understanding of insider threats and implementation of solutions to manage privileged accounts.

Ray Bryant, CEO, Idappcom

State-sponsored cyberwarfare will grow. GhostNet, an alleged Chinese hacking network, was discovered last year. It had penetrated 103 countries and 1,300 computers and targeted foreign ministries, embassies and Nato headquarters. If the West believes that Beijing is involved, it won't be long before state-sponsored retaliation is on the agenda.

As the use of social networking and personal e-mail sites continues to encroach on work time, so the need for monitoring the movement of data through the use of the company networks will increase. This is amplified by the use of apps such as Sharepoint and the PCIDSS move to mandate the protection of files. Expect to see far more emphasis on data leakage prevention in 2011 and more disclosure of data leakages due to increased regulation.
Carriers will start being held responsible for traffic, so that the security will have to be at the ISP, or the internet relay points. However, the internet is slow enough already. If we believe what we are told then the web is about to collapse under the strain, so just maybe IPv6 will come into its own in 2011. And that will raise all sorts of new challenges.

Bob Heard, chief executive officer and founder, Credant

First up on the 2011 trends list is consumerisation - employees using their own devices and services within the business. More and more people are using their own smartphones and laptops to the point where it is significantly driving IT strategies and, just as importantly, security challenges. When employees carry gigabytes of sensitive data around on their own laptops, and then leave the company, who's going to make sure that data is still safe? And, legally, who owns what? Expect IT security teams to continue to lose sleep over this one in 2011 and beyond.

The use of custom malware in data breaches will continue to rise. The smart criminals have already realised that the best way to steal saleable information (such as credit card numbers, home addresses and medical records) is to plant highly specialised software in corporate networks and let it do all the hard work. In the face of this kind of high-tech theft, traditional approaches to security often fail. As a result, 2011 will see more effort devoted to keeping bad software out of corporate networks, and laying even more security around the data itself, such as encryption both in motion and at rest.

Finally, as the storage capacity of removable media carries on growing in 2011, organisations will be battling to ensure that data moved to and from these cheap, disposable, and hard-to-track devices is secure. With terabyte-sized devices small enough to fit into an employee's pocket and available very cheaply, the risk of major breaches associated with these storage devices will continue to rise through 2011 and beyond.

This was first published in January 2011

Join the conversation Comment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.