Security 2004: How it will shape up

[InfoSec News <isn () c4i org>]

Forwarded from: "eric wolbrom, CISSP" <eric () shtech net>

http://news.com.com/2010-7355-5136537.html

By Jon Oltsik
January 7, 2004

Even with growing security budgets and abundant technology choices,
2003 was a mixed year for information security professionals.

Internet business processes, new technologies and more regulations
combined to impose unique security concerns on overburdened security
staffs. What's more, the year was punctuated by numerous malicious
code attacks that led to business interruption, constant emergency
activity and lots of overtime.

Security will remain a hot topic in 2004, but while the general theme
may seem the same, the particular notes will be different. How will
things shape up? Something like the following...

More malicious code, more often

Given "malware" like SQL Slammer, MSBlast and SoBig.F, 2003 was the
costliest year in cyberhistory. This presents a frightening picture
for 2004. Blended threats, damaging payloads and enhanced social
engineering prove that the bad guys are getting smarter, meaner and
better organized. Blaming Microsoft will remain a popular cop-out in
2004, but smart CIOs will take direct action through enterprise
antivirus coverage, server hardening, disciplined patch management,
and--last but hardly least--constant vigilance.


Security appliances galore

Word from the fashion houses in Milan, New York and Paris has it that
security appliances are going to be in. The market will see a barrage
of multifunction appliances like the Symantec 5400 that ships with
firewall, VPN (virtual private network) and antivirus features, as
well as content filtering. Also, expect more Windows-based security
appliances. Don't laugh but Microsoft knows how to play the appliance
game; just look at the dominant position it established in the
network-attached storage business. Windows security appliances make a
lot of sense for shops that depend upon Active Directory and Microsoft
Operations Manager.


Intrusion prevention rhetoric intensifies

Perimeter security battles will be won and lost over which products
can most thoroughly block attacks with the highest possible
performance. IT folks will have to decide whether to purchase
"application-aware" firewalls from Check Point, Cyberguard and
NetScreen or intrusion prevention system (IPS) boxes from TippingPoint
or TopLayer Networks. Either way, a lot of money is to be made as
oodles of legacy software-based firewalls gets replaced with these New
Age firewall/IPS devices.


Increased defense in security architecture

Customers will take advantage of an onslaught of low-priced devices to
establish greater layered e-mail, content filtering and antivirus
defenses.  In this way, security industry economics and blind luck
will help combat the growing threat presented by malicious coders. In
a more active move, IT shops will add internal firewall and virtual
LANs to segment networks into secure domains. Look for new specialized
products that tie into network directories and authentication servers
providing dynamic policy-based security and advanced auditing
capabilities.


Policies, processes and training finally get some attention

The trend toward hiring chief information security officers, or CISOs,
will continue to accelerate and these high-priced folks will be doing
a lot more than monitoring firewall logs, or updating virus
definitions. Their first task will more likely be an assessment of
current security operations followed by an action plan of needed
changes. Expect CISOs to make their mark by revamping security
policies and attempting to inject security into corporate culture--a
tall but necessary order. This activity will be a boon to service
providers and consultants like Accenture, IBM Global Services and
Unisys.


Strategic projects start to move from back to front burner

The influx of CISOs will also force IT folks to take a closer look at
the increasing overlap between security and business processes. This
will inspire proactive investigation of questions like: Can
policy-based security help provide better service to customers? Will
an enterprise identity management implementation streamline processes
and save costs? Can centralized security management lower staffing
requirements while enhancing security? Don't expect much more than
fact-finding activity, but after years of reactive behavior, this
strategic activity will be a welcome change.


Financial movement remains robust

As the end of 2003, Check Point bought Zone Labs and VeriSign grabbed
Guardent. Big players like Cisco Systems, Microsoft, Network
Associates and Symantec also gobbled up security companies. Merger and
acquisition activity will accelerate this year, and we may even see a
few initial public offerings. All this means industry consolidation,
as 800-pound security gorillas try to outmaneuver each other to
achieve industry dominance.


Security epiphanies?

The security story will continue its slow push into corporate
awareness and culture. Still, don't expect any miracles. There remains
a huge gap between the security and business views of the world.
Nevertheless, even baby steps will make 2004 a good year for the
security industry and corporate protection.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.