One thing that 2014 has taught us is that even some of the most sophisticated environments can be compromised. - That means businesses must be as vigilant as ever on security, but at the same time they must build a competency in responding to incidents that have occurred.
Security tools that provide forensic data on threats using malware analysis and content analysis systems will ultimately be the defining factor in the level of security against zero-day threats. Today, it is this response capability that most companies lack both in terms of tools and process, which also to be a huge opportunity for Blue Coat to grow in 2015.
Specifically, to close the security gap and overcome the major challenges of achieving advanced threat protection, Blue Coat offers a comprehensive 'Lifecycle Defence' approach with security analytic platform. -Enabling local organisations to fortify the network by blocking cyber threats, proactively detecting malware and automating best practices for incident containment post intrusion.
In addition, as Blue Coat predicts that the hostile use of encryption is set to increase in the coming years, we have recently unveiled new Encrypted Traffic Management capabilities that enable local businesses to uncover security threats hidden in secure socket layer (SSL) traffic whereby organisations can gain better network visibility to address the growing risks posed by encrypted traffic.
Michelle Ong, Fortinet's Country Manager for Malaysia (pic), said:
1. Security breaches are harder to stop
Security breaches and data leakage will continue to trouble companies of all sizes. The threat timeline over the last 10-15 years has shown that a new threat tends to be quickly answered by a new defence system. The threat then evolves, and a new defence system is needed. This has led to a myriad of disparate security appliances, software agents and management systems that in many cases are unable to talk to one other.
2. Cloud technologies are finally taking root
All forms of cloud are starting to make inroads as a viable part of the enterprise infrastructure. Software as a Service (SaaS) has reached a tipping point as most organizations trust a provider's security capabilities. Infrastructure as a service (IaaS) is still focused on web applications for elasticity and redundancy. Cloud bursting, hybrid clouds and personal clouds will mean more sharing of distributed services, management and security.
According to Gartner, Inc., the desire to share content and to access it on multiple devices will motivate consumers to start storing a third of their digital content in the cloud by 2016. Gartner said that just 7 percent of consumer content was stored in the cloud in 2011, but this will grow to 36 percent in 2016.
3. Diversity in mobile apps and management
4. Software defined modular infrastructure becomes the norm
The control layer is being detached and centralised for many different parts of the infrastructure. Most of the initial focus is on the data centre with virtualisation, Software Defined Networking (SDN), Software Defined Storage (SDS) and standalone switch fabrics. The effect is that API's are being consumed at a much higher rate. In a world where the infrastructure is being dissected and segmented, API's themselves are very important but is also a potential security hole to the network element.
5. Internet of Things and Industrial Control Systems (ICS) collide
The Internet of Things (IoT) has become a powerful force for business transformation, and its disruptive impact will be felt across all industries and all areas of society. Consumer applications will drive the number of connected things, while enterprise will account for most of the revenue.
Gartner, Inc. forecasts that 4.9 billion connected things will be in use in 2015, up 30 percent from 2014, and will reach 25 billion by 2020. Industrial control systems are rolling out IP all the way to the control and measurement points. These networks are separate today and individual in nature. However, both need to deal with cyber threats, which can cause huge damage across industrial complexes, public operational networks (i.e. power grids) or consumers.
6. Wireless continues to replace wired access
Wireless access is ubiquitous across most organisations. New enterprise buildings are less and less wired. Wireless systems are becoming the primary network access control mechanism, meaning that tight integration with authentication systems is essential. Wireless technology itself continues to improve with ac Wave 1 now rolling out rapidly and Wave 2 on the horizon in 2015.
7. Networking bandwidth continues to double every 10 months
Networking bandwidth requirements continue to expand at a rapid pace. The transition from 1G data centres to 10G data centres took about 10 years. The transition from 10G to 100G will be much faster. All parts of the infrastructure need to perform within the high-speed infrastructure.
Traditionally CPU-based firewalls have fallen way behind the performance curve. More recently ASIC-based firewall appliances have taken a quantum leap in performance, allowing 100G interfaces and throughput in the hundreds of Gbps, saving space and power. Now high-speed networks can design security into the architecture without creating bottlenecks.
8. Analytics for everything that's attached to the network
Big Data and analytics can be applied for different reasons. The biggest need is business intelligence but it's also very important for security.
The amount of data being gathered is staggering but segmenting the data can lead to more actionable results. For example, collecting WiFi presence of consumers in retail stores can lead to understanding their buying behaviour. Monitoring where and when clients connect to the network can help determine security posture. Forecasting shipments based on real time data can lead to more efficient operations.
In addition, the Fortinet Security Census (undertaken by independent market research company Lightspeed GMI) conducted in late 2014, which interviewed 1,610 qualified IT decision makers (ITDM) (504 were from Asia Pacific) over 15 countries point to an escalating concern on IT security:
- Ninety-one (91) percent of Asia Pacific CIOs and CTOs believing that the job of keeping their enterprise protected is becoming more challenging.
- The increasing frequency and complexity of threats (87 percent) and the new demands of emerging technology like the Internet of Things (IoT) and biometrics (85 percent) pose the biggest challenge to ITDMs to keep their organizations secure.
- The majority of ITDMs have been provoked into action by rising data privacy concerns (89 percent) and securing big data initiatives (89 percent); in the majority of cases this means new IT security investment.
Sign up for CIO Asia eNewsletters.