Sunday, November 08, 2009
Google  
Web voicendata.com
  RSS | Archive    
• Saarc CEO Conclave 2009 at Dhaka, Bangladesh from October 30 to November 1, 2009
 Home > GOLDBOOK > GOLDBOOK 2006 > EMERGING TRENDS NETWORK/INFORMATION SECURITY: The Security Race
  GOLDBOOK 2006
EMERGING TRENDS NETWORK/INFORMATION SECURITY: The Security Race
Alok Singh
Monday, March 06, 2006
Print Comment Email DiggDigg DeliciousDel.icio.us RedittReddit

Threats to networks are simply getting faster and perhaps a bit smarter, galvanizing vendors to produce solutions that are smart and fast

There was a time when there were many similarities between writing graffiti and cyber hacking. Both required creativity, innovation, and even a bit of genius. And though they had potential for serious damage, all the effort in both these activities was geared for a bit of elusive fame-in the name of a pseudonym whose real identity would perhaps never be known.

Security threats have become malicious. They are still designed to create serious damage, but the object now is primarily monetary profit. But worse, it is the new playground of the underworld. The hacking industry has become more profitable than the illegal drug industry.

RANSOMWARE-WHAT'S YOUR PRICE?
A new word was coined-Ransomware. In this type of attack, the hacker (and that has become a really dirty word) installs a code on server or a PC, locking out certain files. Then a ransom demand is made, to deliver the unlocking codes. Very few of these attacks have been reported so far, and the one that has been accepted publicly had the files unencrypted without paying the ransom of $200. Although this attempt seems childish, it reminds of the extortion threats that organizations had received in the previous years for paying up or be subjected to DoS or DDoS attacks.

It is suspected that many more organizations would have received such ransom demands, but not many are acknowledging them. However, what is sure is that such attacks would get more refined, cracking the codes will be more difficult, and modes of payment will be more refined. A bank account is surely not a safe means of receiving ransom money.

Ransomware is the most recent and another clear indication that security of networks and network resources needs to be taken more seriously

EXPERTS PANEL

Adrian Amelse, senior director (security), Cisco Systems
A Prasad Babu, SE Manager (India & SAARC), Juniper Networks

COLLABORATION
For a start, various security vendors-even ardent competitors are now collaborating. Layered security for high networth assets like data centers and head offices is still a popular option, and despite integrated solutions being available, best of breed is still being opted for in these special cases. The collaboration leading to interoperability of devices has been in evidence now for quite some time. What is increasingly happening is that whole framework such as the network and mission control frameworks (which have several protocols associated with them, and which also have the algorithm required to process those protocols) are becoming a part of these collaborative efforts. Not just various vendors of IT equipment (including security vendors), but even various service providers are collaborating with the vendors to qualify their services before they are launched. That is a much larger collaborative exercise, and collaboration at that level is happening a lot more. Standard bodies such as the IEEE and the IETF are of course driving these exercises, but they are being helped by various vendors coming together to create working platforms, and then presenting these platforms to the standards body for ratification.

COST
The investment of time, skill, and money required for managing the traditional security infrastructure is getting higher. The increase in complexity is coming from the proliferation of attacks, which are being fuelled by the hacking industry getting smarter and discovering many new revenue models.

So, the trend is increasingly towards automated security deployments like IPS (intrusion prevention systems). They have been around for a while now, and of course level of deployments don't match the levels of firewall deployments. But they are increasingly becoming more popular. And vendors are saying that most of the new RFPs (requests for proposals) now ask for IDS/IPS. They add that over the course of this year, new deployments of IPS will cross the new deployments of IDS. Even if that does not happen this year, the IPS is likely to become increasingly attractive with their relative freedom from patch management, and the requirement for fewer personnel as most of its processes are automated. Also, with cost becoming a major issue, point solutions would continue to give way to integrated solutions.

Organizations are likely to go for unified threat management solution in most scenarios, except the datacenter or head office kind of scenarios. And here too, proactive technologies are likely to increase their share. These proactive technologies work by identifying the behavior of malware rather than its unique signature.

SECURITY IS MONEY
The other very clear trend is that management of security will continue to become more complicated and more costly. With the underworld looking at it as a serious new avenue, the network is unlikely ever to be completely safe. The related trend that seems to be picking up is that security is becoming an application in itself.

Not just the vendors, but even service providers are increasingly putting it up as a value added service. While routers have already incorporated many security features, today the telcos are offering and charging a premium for secured services. Telecom Italia is one that is charging a premium for providing a host of secured GPRS services.

VIRUSES BECOME DEMOCRATIC
No longer will delinquent geniuses have to write inspired software/malware. Instead, every time a network or an OS vulnerability is discovered and published, all that the criminal hacker has to do is target the existing malware to that vulnerability, recompress it into one of the many compression formats, and let it loose to find unprotected points of entry. The changing demographics of the hacker may well explain the rather obscene and crass covering notes that the new-age malware carries. And there is, like always, free software available for doing most of this work. The Zotob virus that hit last year had variants running into the 'x' and 'y' alphabets.

Organizations are opting for box solutions for their remote offices. The idea being-to save on cost of managing roomful of equipment.

REMOTE MANAGEMENT
That is one trend, which has been waiting to happen for some time now, especially with remote management of infrastructure taking off. Currently, it is not a major trend. However, with the SMBs coming into this market this business is likely to pick up, as these organizations may not have the required manpower and skill to combat the ever-growing threats out there. Many large organizations are also likely to contribute to this business and many integrators are reporting that certain banks have also starting showing a preference this outsourcing of security management. The only enterprises that are likely to stay away from this trend are the IT and ITeS.

AUTOMATED CONFIGURATION
Organizations are opting for box solutions for their remote offices. The idea being-to save on cost of managing roomful of equipment. While saving on the cost of manpower is the major driver for these solutions in the West, the vendors of these solutions are confident that these services have a place in India despite the labor arbitrage. The key drivers here could be lack of trained manpower. With automated configuration, the box would be sent to the remote office with a minimum configuration. The rest of the configuration will be pushed to it once it is plugged in. While these devices have been available for remote offices for a while now, the trend of the future is that the SMBs may now be their new clients. These will also be useful where the user's level of technological awareness is not very high, for example, when networking the petrol pumps in remote areas, or even banks with networked branches in rural areas.

There was a time when the smart hackers found ingenious ways to do their deed and organizations had to move fast to protect themselves. Today, it is the hacker who is moving faster and faster, and the guardians of network security are attempting to become smarter. For all the changing trends in the network security business, it seems the smart will always beat the fast.

Alok Singh 
aloks@cybermedia.co.in

Page(s)   1  

Print Comment Email DiggDigg DeliciousDel.icio.us RedittReddit
3GSM INTERVIEW: “I Love the mobile telephony and I Love our operator partners”
3GSM: 3G Services Create a Buzz
BPO TRENDS: On The Anvil
 





 

Current Issue


ZTE:Leading CDMA Technology

Extraordinary Networks:Freedom of Choice





Your Opinion Matters

Does cloud computing cast a cloud on the future of IT professionals?

Is your Accounts Payable Solution working for you? Think Again…

   CIOL Services
IT News | IT Jobs | IT Outsourcing | IT Shopping
 



  For Voice&Data Print Subscription
  [ Magazine Subscription ]  [ Contact Info ]  [ Advertise : Online | Magazine | Advertising Print | Mediakit Print ]
 
Other CyberMedia web sites
[Dataquest]  [PCQuest]  [CIOL]  [Living Digital]  [IDC India]
[DQ Channels]  [The DQweek]  [CyberMedia Events]
[CyberMedia Digital]  [Cyber Astro]  [CyberMedia India]
[Global Services]  [BioSpectrum]  [BioSpectrum Asia]
[Computer Shopper]   [College Buying Guide]   [Voice&DataConnect

CyberMedia India Ltd

 
  Copyright © CMIL. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.
Usage of this web site is subject to terms and conditions.
Broken links? Problems with site? Send email to webmaster@ciol.com