Network Security: The Bad Guys Are (Still) Winning

Now that RSA Conference 2014 and Mobile World Congress 2014 are out of the way, network security can be forgotten about, at least for a week or two until Interop Las Vegas. That’s because when it comes to network security (or security in general), if it isn’t seen to be broken, it tends to be ignored.

Ignored, that is, unless you’re a victim of a major security breach, like Michaels Companies Inc., Yahoo, Coca-Cola, and Target. And it’s only getting worse.

According to a sneak peek at the upcoming 2014 Verizon Data Breach Investigations Report, in 75% of cases it takes attackers days or less to compromise their target, while only 25% of the time victim organizations discover the attack in days or less. Last year’s DBIR found attacks occurring in minutes or less in 84% of the cases, while 66% of breaches went undetected for months, or even years.

“Less than 25% of good guys discovered these incidents in days or less,” said Wade Baker, managing principal of RISK Intelligence for Verizon and one of the authors of the upcoming report. “This is not a good situation … The bad guys are winning at a faster rate than the good guys are winning.”

An RSA panel session identified the top three network security challenges: adequately supporting BYOD, automated assessment and response, and software-defined networking.

One of the keys to network security is to avoid focusing on securing devices and how they behave on the network, and instead zero in on the data that’s moving between devices and networks. Automation promises the ability to respond to threats much more quickly, and possibly to greater effect, but the technologies that make automation possible haven’t earned sufficient trust yet. And while SDN has the potential to provide the level of granular control needed in order to automate, companies hoping to tap the security benefits of SDN will need their network and security teams to be on the same page.

The good guys aren’t giving up, but they are at least one step behind the bad guys. IBM and AT&T just announced a new partnership focused on network security and threat management. “This is an advantageous combination of industry-leading network-based security, consulting, and analytics,” said Christina Richmond, Program Director, Infrastructure Security, IDC. “AT&T and IBM are meeting a real market need with a robust end-to-end security solution that provides enterprise customers with both integration and simplicity.”

EMC’s security division, RSA, got together with another EMC spinoff, Pivotal, to create a new Big Data for Security Analytics reference architecture. “The foundation offered by RSA and Pivotal will be extremely valuable not only for organizations looking to bolster security capabilities, but also those considering expanding their Big Data strategy beyond just security,” said Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group.

Even Silver Peak is stepping up, adding AES-256 site-to-site VPN to WAN optimization for improved security and performance of data in transit. “Current events have elevated concerns about corporate traffic being intercepted by government agencies,” said Damon Ennis, SVP of products for Silver Peak. “This is driving renewed interest in how businesses secure critical communications and data transfers to remote sites.”

As virtualization and software-defined-everything continue to transform the enterprise network, network security software is subduing the hardware appliances market, according to ABI Research. “Virtual appliances are being favored over more traditional hardware appliances, as they provide greater flexibility in deployment and management, the costs are greatly reduced and they are increasingly available as managed and cloud services by third party providers,” says Michela Menting, ABI Research’s senior analyst in cybersecurity. ABI Research estimates the growth rate for virtual security appliances will hit 17.7% CAGR between 2014 and 2019, versus only 3% for hardware products.

So network security will continue to be a work-in-progress, and will increasingly shift from a hardware to a software focus. However, the focus on security will have to be sharpened if organizations expect to keep up with, if not surmount, the increasingly complex and hostile environment.