Table of Contents
The Internet, as a communication medium, has been evolving. This evolution, unfortunately, has brought with it growth in Internet-based attacks, and corresponding growth in security technologies to fight these attacks. But, with this growth in security technologies, unintended complexity for security professionals has intensified. Described in this study are the factors contributing to security management complexity; why enhanced manageability tools are the right remedy; and the phases through which these management tools will evolve.
A Richer World of Internet-Based Communication
How people interact and communicate via the Internet has changed with social media and other forms of communication, computing, and collaboration. Gone are the days in which a Web browser was used as a one-way tool to obtain information from the Internet; and interactive information was only exchanged via e-mail. Web browsers are now the bi-directional interface for a number of communication channels, including Facebook, LinkedIn, Twitter, Skype, and many others. The growth of Internet communication channels is exacerbated by the proliferation of mobile computing platforms and the corresponding availability of mobile and Web applications, providing a wealth of personal and corporate identifiable information to cyber miscreants.
Increasingly Worrisome Vulnerabilities, Threats, and Attacks
This new world of rich and dynamic Internet-based communication channels has brought with it a host of new vulnerabilities. While each vulnerability is a cause for concern, that concern is greater when the intent of malicious actors is financial gain. Furthermore, with profit as a motive, the actors have become more sophisticated (multi-variable exploits) and stealthier than were the earlier perpetrators of malicious activity, which were driven by the quest for notoriety.
No surprise that information security professionals are feeling the impact.
Increasing Complexity Created by a Multitude of Security Technologies
The increasing sophistication and breadth of threats has driven an evolution in the type and number of security technologies. Among those security technologies are:
- Anti-virus software is used to prevent, detect, and remove malware from client devices such as PCs, tablets, and smartphones.
- Web content security protects users and their organizations from Web-based malware, corporate-unsanctioned content, and malicious URLs.
- E-mail content security filters and strips e-mail of phishing schemes, spam, malicious links, inappropriate images or content, and malware.
- Intrusion prevention systems (IPS) monitor network traffic for malicious activity and provide security professionals with mitigation tools.
- Data loss prevention (DLP) detects and lessens instances of nefarious and unintended outward flow of sensitive data
- Distributed denial of service (DDoS) identification and mitigation technologies provide protection against resource-robbing and Web site-disrupting attacks.
- Encryption encodes data or information in such a way that third parties cannot read it, but authorized parties can.
- Network Access Control (NAC) manages device access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do.
- Stateful inspection and next generation, context-aware firewalls create a barrier between trusted, secure internal network and the Internet.
Network and Information Security Professionals Need Help
The security industry has been commendable in creating new point solutions to address the evolving threat landscape. However, an unforeseen consequence has developed. As the complexity of the threats being combatted increased, the complexity of the security technologies used to combat the threats also increased. Additionally, as the number of security technologies grew, so did management complexity in terms of controls and data. This problem of complexity is further exacerbated by an expanding universe that security professionals are tasked to secure as more organizations supplement their IT resources with cloud services, and employees increasingly access corporate resources through their personal mobile devices—a trend often referred to as bring your own device (BYOD).
The increasing complexity of network and information security is being addressed by security teams that are already overtaxed. In a recent survey conducted by Frost & Sullivan of over information security professionals, percent report that their organizations have too few information security workers.
Get Industry Insights. Simply.
Talk to Ahmad
+1 718 618 4302
“Rise in security breaches and incidents among the enterprises is expected to drive the growth of the security technologies market during the forecast period” The report titled The Top 10 security ...
“Growing demand for managed network services, greater network accessibility, and superior network security, and the need for improving the business process at a minimum cost are driving the managed network ...
“The rising security breaches targeting enterprises and increasing sophistication of cyber-attacks are driving the incident response services market” The incident response services market size is estimated ...