Cloud-based security services: will 2009 be the year this much hyped sector come of age: Pravin Mirchandani, CEO of network security specialists Syphan Technologies, argues that the emergence of new high-speed security technologies as we head into a recession is likely to be the catalyst for more widely available cloud-based security services.The term Security-as-a Service was first coined by the marketing folks at McAfee in 2001 to describe their vision of an outsourced approach to the provisioning and management of the full range of anti-X technologies needed to maintain corporate security, via the Internet. From a technical and business perspective, the idea of being able to devolve devolve v. when property is automatically transferred from one party to another by operation of law, without any act required of either past or present owner. The most common example is passing of title to the natural heir of a person upon his death. the responsibility for keeping complex network infrastructures secure and threat--free, to third party specialists, had many attractions, particularly as IT security professionals were both thin on the ground and expensive heads to have on the payroll. Given that this was also a time when the battle between security vendors and the hacker community was really getting into its stride, and new vulnerabilities were being discovered on a seemingly hourly basis, it is surprising that, eight years later, the industry is still struggling with the concept of cloud-based security. In fact, if anything, the fundamental drivers underpinning the argument for a SaaS approach have strengthened in the intervening years: in 2008 there were over 5000 new vulnerabilities identified in common applications, operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. and networking components; new PCI (1) (Payment Card Industry) See PCI DSS. (2) (Peripheral Component Interconnect) The most widely used I/O bus (peripheral bus). regulations and government legislation means that enterprises now face serious consequences if they fail to maintain stringent security standards; and low cost, highspeed internet connectivity is virtually universal. So the logical question is: why is cloud-based security not more widely adopted as mainstream policy? Clearly there is no one simple answer to this and no doubt resistance to some of the changes in thinking and internal processes needed to implement a SaaS strategy is a significant factor. However, as we face the prospect of a lengthy downturn in the global economy, companies are being forced to take a fresh look at their cost base, including the core IT infrastructure fundamental to their business operation. Constrained economic circumstances are traditionally the time when the advantages of outsourcing are more readily accepted by an organisation. One very obvious reason for the slow uptake of SaaS is that there are few companies that actually offer the full security package that businesses require. Whilst this can be regarded as one of those circular "chicken-and-egg" arguments, there are some real and fundamental technology issues that have delayed the MSSP (MultiService Switching Platform) A high-end Cisco router that supports high-speed optical connections in the core of the network. See MSPP and MSTP. sector from seizing the opportunity and making the leap from remote network security management to delivering the full range of hosted security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the online. In particular, security vendors have failed to keep pace with the new multi-gigabyte network speeds needed to power band-width-hungry applications such as VoIP and multi-media streaming that many organisations have been quick to embrace, for which users demand consistent and reliable levels of performance. One of the other big factors that has occurred in the last few years, and is also contributing to the delayed roll-out of SaaS, is the increased sophistication so·phis·ti·cate v. so·phis·ti·cat·ed, so·phis·ti·cat·ing, so·phis·ti·cates v.tr. 1. To cause to become less natural, especially to make less naive and more worldly. 2. of the threats facing network infrastructures as the hacker community has found new ways to circumvent the latest security technology to deliver their malware payloads. The response by the security industry has been to try to adapt old technology to operate in a modern high-speed environment and to mitigate complex threats that it was never designed for, usually resulting in increased latency and unacceptable degradation of network performance. The latest multi-staged "low and slow" attacks are a specific case in point. Delivered over time in incremental parts, these attacks are virtually undetectable by existing IPS and firewall systems and require a totally new approach to intrusion detection See IDS and IPS. and prevention. Most of the big global network security vendors have announced products that include the option of 10G connectivity and make claims of high-speed throughput with multiple threat mitigation functionality. In theory they can provide the necessary protection but in practice these ASIC (Application Specific Integrated Circuit) Pronounced "a-sick." A chip that is custom designed for a specific application rather than a general-purpose chip such as a microprocessor. plus CPU CPU in full central processing unit Principal component of a digital computer, composed of a control unit, an instruction-decoding unit, and an arithmetic-logic unit. based systems are restricted by the limits of their processing architectures and are unable to offer true 10G throughput performance, creating an overall bottleneck in the system and major problems for the users of VoIP and other real-time applications downstream. As with the threat posed by multi-staged stealth attacks, resolving the issue of throughput performance requires more than just tinkering with existing technology, which in this case has effectively reached the limits of its capability. Syphan is one company that is tackling this problem head on through its innovative use of FPGA-based multi-dimensional parallel processing parallel processing, the concurrent or simultaneous execution of two or more parts of a single computer program, at speeds far exceeding those of a conventional computer. techniques. Using programmable silicon also means that the technology can be quickly upgraded in situ In place. When something is "in situ," it is in its original location. with new rule sets as and when new threats emerge, and by enabling full packet inspection against multiple rules in parallel, true 10G performance without latency is a practical reality. With the emergence of these new technologies at a time of economic uncertainty, the roll out of scalable online security services has become a much more attractive proposition for MSSPs and their customers alike. Whilst not everyone welcomes the prospect of scaling back their internal operations, the option for businesses to eliminate their security management and infrastructure costs without compromising their security posture or risking impacting the day-to-day business operation is a likely to be a strong factor in making 2009 the year that the cloud-based security market, envisaged by McAfee, starts to take hold. RELATED ARTICLE: Three Quarters Organisations To Reallocate Verb 1. reallocate - allocate, distribute, or apportion anew; "Congressional seats are reapportioned on the basis of census data" reapportion allocate, apportion - distribute according to a plan or set apart for a special purpose; "I am allocating a loaf of or Increase Their Budgets Within The Next Twelve Months A survey by Infosecurity Europe of 470 organisations has found that 75% of them intend to reallocate or increase their budgets to secure cloud computing (1) Running applications in or from network servers. Computing "in the cloud" may refer to a company's own network, but often refers to the Internet and the use of Web browser-based or rich client applications. and software as a service within the next 12 months. Further, interviews conducted by Infosecurity Europe with a panel of 20 Chief Information Security Officers (CISOs) of large enterprises which covered the topic revealed that they are concerned about availability and security aspects of software services in the cloud Refers to the operation taking place within a network. See cloud. . They were especially concerned about the lack of standards for working in the cloud, SAAS and secure internet access See how to access the Internet. , all of them said that they would welcome the development of guidelines in this area. "This is the clearest indication that SaaS is well and truly here to stay. With any new technology however a risk assessment must be undertaken before allowing your data to be stored offsite (with a vendor). After all, you can transfer the burden of managing systems, but not the liability if something goes wrong." Raj Samani ISSA (Information Systems Security Association, Bellingham, WA, www.issa.org) A membership organization that promotes effective management practices for computer security. Founded in 1982, ISSA has chapters in more than 20 countries and hosts an annual conference. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Tamar Beck, Group Event Director, Infosecurity Europe, "There are many drivers that make Externalisation n. 1. embodying in an outward form. Noun 1. externalisation - attributing to outside causes externalization ascription, attribution - assigning to a cause or source; "the attribution of lighting to an expression of God's wrath"; "he almost inevitable as competitive new businesses models are underpinned by collaborative working and its ability to enable organisations to seize opportunities as soon as they arise. Cloud computing and SAAS appear to have a pivotal role to play in this new evolving environment where CIOs are challenged to add value to the business and CISOs required to ensure that new services are reliable and secure. The excellent work done by the Jericho Forum The Jericho Forum is a group of organisations working together to define and promote the solutions surrounding the issue of De-perimeterisation. The Jericho Forum was officially founded at the offices of the Open Group in Reading, UK, on Friday 16th January 2004. in this area is well represented in the keynote programme at Infosecurity Europe 2009 and the subject of working in the cloud SAAS and Externalisation will be covered in a number of business and technical seminars: In the keynote programme the panel on Externalisation will cover the issues raised by cloud computing and SAAS and consider implications of a more externalised method of working for organisations, and seek to address how Information Security can be managed and maintained when faced with a de-perimeterised business approach. The speakers include Jericho Forum members Paul Simmonds, Global IS Integrated Assurance Director, Astra Zeneca; Adrian Seccombe, CISO See CSO. , Eli Lilly; John Meakin, Director of Digital Security & CISO, BP; and Raj Samani from the ISSA. Dr James Blake, Chief Product Strategist, Mimecast talking on Total Email Risk Management from the Cloud who will explain why Cloud Services are emerging as an optimal solution to total email risk management. However without a holistic approach holistic approach A term used in alternative health for a philosophical approach to health care, in which the entire Pt is evaluated and treated. See Alternative medicine, Holistic medicine. to risk management, threats can infiltrate any business - Trojans can initiate data leaks and application system exploits can start denial-of-service attacks. Dr Guy Bunker, Chief Scientist, Symantec Corporation will give a seminar on Security in the Cloud which will look at the risks that it poses. From denial of service attacks to malicious insiders he will examine all the risks and recommend solutions. Peter Wood, Chief of Operations, First Base Technologies and member of the ISACA (Information Systems Audit and Control Association, Rolling Meadows, IL, www.isaca.org) A membership association dedicated to information systems auditing and security. Founded as the EDP Auditors Association in 1969, ISACA provides certification in auditing and security (see CISA and CISM). conference committee on Cloud Computing: 50 Ways to Lose Your Data where he demonstrate some real-world threats posed by "Cloud Computing" and suggestions for mitigating the risk. Infosecurity Europe, running for its 14th year in 2009. Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Infosecurity Europe is one of five Infosecurity events around the world with events also running in Belgium, Netherlands, Russia, and France. Infosecurity Europe runs from the 28th - 30th April 2009, in its new venue Earls Court, London. Syphan Technologies is exhibiting at Infosecurity Europe 2009. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion