Why Managed Internet Security Subscriptions Are the Wave of the Future (Part 1 of 2)
It wasn't long before the criminal elements found a easy way to make a quick buck with little or no risk of getting caught. Thus, a whole new industry was born. Hackers, through their hacking, spamming, phishing, pharming, and keylogging activities, stole identities, personal and financial information, and simply created an overwhelming annoyance. Via their devious conduct spawn a new industry the anti-virus software industry. Thus was born a wealth of major and minor players selling off-the-shelf software to combat the virus attacks, software to combat the spyware, combined software to combat both, and more. Internet service providers soon jumped on the bandwagon and offered their version or a partnered version of the anti-software.It used to be that, if you wanted to surf the Internet, you simply turned on your computer and logged-on to your browser. It was a safe and richly rewarded experience for communicating, educational, entertaining, researching, and shopping purposes. With companies like yahoo.com and Hotmail.com/MSN.com offering free email accounts, soon everyone under the sun had at least one account. Some have been known to have four or five accounts. Some even had as many as ten different accounts.
As consumer use expanded online, it wasn't long before the criminal elements found a easy way to make a quick buck with little or no risk of getting caught. Thus, a whole new industry was born. Hackers, the ones looking for a fast and easy buck and the ones looking to make a name for themselves by shutting down computers at major businesses or organizations, thereby creating havoc among all concerned, came into existence. Through their hacking, spamming, phishing, pharming, and keylogging activities, they stole identities, personal and financial information, and simply created an overwhelming annoyance.
The hackers via their devious conduct spawn a new industry the anti-virus software industry. Thus was born a wealth of major and minor players selling off-the-shelf software to combat the virus attacks, software to combat the spyware, combined software to combat both, and more. Internet service providers soon jumped on the bandwagon and offered their version or a partnered version of the anti-software. In the meanwhile, the hackers always seemed to be two steps ahead – ahead of the industry and ahead of the law enforcement authorities.
Enter a new concept: It is no longer sufficient protection for the consumer, business, or agency to purchase off-the-shelf software packages. Although they are excellent products at what they do, there still remains a void where the hackers are prevailing.
If I may use a fishing analogy It is no longer safe or productive to go after them with one, two, or more fishing lines that are baited to catch the target or targets they are created to catch. What is needed is more productive approach, a multi-purpose fishing net approach in order to (a) catch the dangers, (b) prevent future attacks, (c) alert when new threats are in existence, (d) be mended and updated daily, (e) become invisible to the preying eyes of the barracudas, and (f) have a team of extremely well trained and proficient net menders.
This fishing net approach is just coming to light for the past 2-3 years. Known as a comprehensive, or managed security services, it is presented to the consumer as a subscription service, similar to subscriptions he would purchase for his Internet access, his telephone, his cable TV, or his daily or weekly newspaper.
According to the CERT® Program, part of the Software Engineering Institute (SEI), a federally funded research and development center (FFRDC) sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University, "Organizations must practice strong computer security. CERT is also continuously researching various aspects of computer security that can benefit organizations."
The primary goals of the CERT program are to ensure that appropriate technology and systems management practices are used to resist attacks on networked systems and to limit damage and ensure continuity of critical services in spite of attacks, accidents, or failures.
The SEI advances software engineering and related disciplines to ensure the development and operation of systems with predictable and improved cost, schedule, and quality. CERT, the home of the well-known CERT Coordination Center, studies security vulnerabilities, research long-term changes in networked systems, and develop information and training to help their clients improve security.
When designing malicious code, attackers often take advantage of vulnerabilities in software. In 2006 alone, the CERT Coordination Center received more than 8,000 reports of vulnerabilities. But many of these vulnerabilities are a result of software defects that could easily have been avoided. Through secure coding initiative, CERT is identifying common programming errors and developing secure coding standards to reduce the number of vulnerabilities introduced into software.
The field of survivable systems engineering explores the current state of systems to identify problems and propose engineering solutions. The work described below focuses on the development lifecycles for both new development and COTS-based systems. It includes analysis of how susceptible these systems are to sophisticated attacks and suggestions for improving the design of systems based on this analysis.
Note: Be certain to download a copy of their pdf-format, 68-page CERT Research 2005 Annual Report. Click the link below to get the download.
CERT Research 2005 Annual Report
(The Annual Report describes current CERT Research projects in terms of problems addressed, research approaches, expected benefits, accomplishments, and plans. Each project is also summarized and links within project summaries lead to longer project descriptions.)
The current trend seems to indicate that people will continue to seek and purchase concomitant managed security services because they are the best forms of protection available. This level of professional grade technology coupled with a team of security experts available to help with any security problem will continue to grow as protection-sensitive consumer order these services for home and small business computers managed security services are the future of Internet security.
Someday, just as one buys a subscription to an Internet service provider, a DSL service, and/or telephone service, everyone will purchase a subscription to managed security services to protect themselves from Internet threats.
The social implication seems to indicate that the average person has to -
Soon, the demand for Internet security products and services will reach a frantic pace, and Internet security will become a fundamental part of using a computer. In the future, security-in-a-box will go away, and Internet security services will become a giant industry, much like phone, cable, power, and other utilities. Everyone will have their own personal Internet security service subscription.
Remember When you say "No!" to hackers and spyware, everyone wins! When you don't, we all lose!
© MMVII, Etienne A. Gibbs, MSW, Internet Safety Advocate and Educator
About the Author