RSA Conference 2013: A Perspective on Security Technologies
The RSA Conference in San Francisco is an annual event where the best of the security product vendors and industry experts convene to share and exhibit their security offerings. Participating in this conference last week (25-Feb to 28-Feb) along with the leaders and visionaries in IT security was an enlightening experience. It not only showcased some of the best products available today in the security industry, but also highlighted some of the upcoming trends in security technology. Over the next couple of years, we will see some of the following technology areas dominate the security landscape.
1. Antivirus is not enough: Protection from Advanced Persistent Threats (APTs) is the highest priority. Sophisticated malware originating from professional hacking groups, as well as from some government establishments, has been used in targeted attacks on large corporations and national infrastructure for quite a while now. Even small and medium-sized businesses are not spared. Traditional signature-based protection mechanisms have proved inadequate in many of the cases that have been reported. The shift is towards advanced, behavior- and heuristic-based network perimeter and end-point protection solutions that protect your IT infrastructure from unknown or not-yet-seen attack vectors. A number of security service providers are continuously monitoring Internet traffic and building intelligence repositories in order to provide specialized consulting services and protection to enterprises under attack.
2. Data Center & Virtualization Security: Data center consolidation is happening! When you move your 20 physical servers onto a single virtualized platform, you need to worry about the security issues surrounding the individual virtual machines, the underlying hypervisor, and the virtualization management consoles. And when your host count runs into tens of thousands, virus and malware protection in a virtualized world is still one of the big challenges. Many of the solutions are built around specific products such as VMware, but a complete virtualization solution that will help you protect a diverse set of operating systems across different virtualization platforms is still missing. These will evolve over the next couple of years.
3. Big Data & Analytics: If you want to “manage” something, you need to monitor it closely. As the number of devices and events that you monitor grows, it is becoming more and more crucial to get the right data at the right time. There have been a number of log management products that provide event correlation and alerting features. But the products that let you pull together vital information about a security breach by sifting through terabytes of data in a fraction of a second will lead the big data security solutions.
4. Mobility & BYOD Challenges: With ubiquitous mobile devices in all shapes and sizes, and with a host of operating systems entering the enterprise boundary, end-point protection has never been tougher. Mobile device management and mobile app security are two of the key areas in which a number of solutions are forthcoming. Many of these solutions work on a “sandbox” approach, wherein the permitted apps are run only in a secluded environment within the device. These solutions enforce strict policies around what the apps can and cannot do, so as to restrain a misbehaving app and also prevent leakage of intellectual property by restricting user actions such as copying or e-mailing.
5. Machine-2-Machine (M2M) Security: When it comes to communicating with and within machines, whether it is smart grids, industrial process control, management of oil rigs, or communication systems in the auto industry, IT-based and embedded system controls are critical access points that need to be protected. As they say, this is the one ring that rules them all! Security solutions around proprietary embedded systems and their integration with the ever-expanding IP world is another area to watch.
6. Cloud Security: Most security solution providers have already adapted their solutions to meet the new challenges of cloud-based deployments. Whether you are implementing Identity & Access Management or Security Governance and Regulatory Compliance management tools, there are a number of providers who claim to have “cloud-ready” offerings. A number of other security services, such as vulnerability scanning and static and dynamic code analysis, are now available on the cloud and also for the cloud!
Large enterprises need to work on securing their assets in at least 2-3 of the above domains, and hence need to be careful in selecting a solution or a set of solutions that will integrate well with each other. These solutions need to be implemented to their fullest capability to ensure comprehensive coverage and maximum protection from the ever-growing threat landscape.