Innovations that will shape network security
by Tim Keanini - CTO at Lancope - Monday, 25 November 2013.
Headline after headline, some company reports a cyber incident and hangs its head in shame. While it is disappointing, strong businesses have strong leaders that show us how to operate a company in times of crisis. Responding to an information security incident is not just an IT thing anymore, it is a business thing. 2014 is the year businesses will finally realize that leveraging the Internet for business growth also means that responding to incidents is par for the course.

I’m certain that in 2014, some companies will step up and show everyone else in the world how to excel at incident response. Successful businesses are the most attractive to the adversaries, so it is fitting that these companies will have no choice but to step up and lead. They will show us how business continuity is job one, and they will no doubt execute their incident response processes as well as a world-class sports team on game day – interfacing with legal, PR, marketing and external crime fighters to get the job done.

Software-Defined Networking (SDN) and the adaptive perimeter

Security experts have been saying recently that the network perimeter is dead, and that the boundaries that firewalls have established between ‘inside’ and ‘outside’ are disappearing. What they are really saying is that static and physically established boundaries are dead because they cannot adapt quickly to changing threat and business requirements. This all changes with Software-Defined Networking (SDN).

In 2014, we will see an adaptive perimeter or intelligence-based enclaves that are dynamic and both serving to the business needs as well as defensive against advanced threats. While there are many examples, I will share one that mimics the biology of the human body. Our bodies at a cellular level “live” because we are able to replicate cells without error on an ongoing basis. When errors occur at this cellular level, we have cancer. The difference between it being life threatening or not depends on the body’s ability to encapsulate this error and stop its replication – the successful result is a benign tumor that in most cases can be removed.

This form of containment on a network is completely attainable with SDN as long as some intelligent system is monitoring for and detecting anomalies. Self-forming enclaves are also proactive in that they can dynamically partition the network in such a way that no one threat can have a life-threatening effect on the business. SDN is one of the most exciting capabilities to ever present itself to a security architecture, and in 2014, SDN innovation will emerge, making it harder for bad guys to operate.

Increase in two-factor authentication

More individuals on the net are having their email, social media and other accounts compromised because of weak passwords. Once they experience this, they are finally ready to consider other methods, and most of the high-profile accounts like LinkedIn, Google, Twitter and Microsoft have all implemented some form of two-factor authentication. The increase in 2014 will be two-fold: 1) more vendors online will be implementing two-factor authentication and offering it as an option, and 2) more of the user base will begin to use it. It is a sad fact that a person really needs to go through the pain of a security incident before they start to practice better security.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th