Top Security Challenges for 2011: Check Point’s Perspective
In a certain sense one might say that it could be quite easy for Checkpoint to make predictions at this point of the year considered that we are in the middle of 2011 (and truthful predictions should already come true), but this is not my point of interest. My point of interest is the fact that, in my prevision evaluation of security predictions for 2011 (we were in December 2010), I was a little bit disappointed for the fact that it had not been possible to compare Check Point, a landmark in Network Security, with the other vendors since at that time it did not release any prediction for the current year. The perspective of this vendor, focused on network security, is a really interesting complement to the landscape (that is unifying endpoint, network and cloud security), since Check Point is considered the pioneer of modern firewall, as well as inventor of the stateful inspection technology, the foundation of network protection.
According to John Vecchi, head of product marketing for Check Point, the following areas will be on the radars and agendas of CISOs worldwide
- Virtualization and the cloud: according to him, the challenges associated with this trend include lack of skills in the security team, cost of new solutions and regulatory issues. To these challenges I would also add fragmentation of Cloud Environments which need powerful tools to normalize, securize and manage such environments. As a matter of fact we are experiencing the proliferation of Hypervisors, operating systems, services and application that must forcefully coexist each other on the same environment;
- IT consumerization: Tablets and Smartphones are becoming inseparable companions of Organizations and Enterprises, but, although they are breaking the line between personal and professional life, they have not been natively conceived for a professional usage, and this paves the way to new threats that need to be faced. According to the Israeli company 30% of enterprises are implementing tablet computers and by 2013, we will see a 100% increase in smartphone usage. Meanwhile, according to Juniper Networks, Android Malware increases 4 times faster…
- Consolidation and complexity in security. According to Check Point there is a huge trend to converge and unify information security technologies. This challenge is not a surprise: the company is well known among security professionals for the completeness of its management framework and the consolidation (of vendors and technologies) is a well consolidated trend in market, vendors and technologies;
- Web 2.0 and social media: this is another consolidated trend whose last (and more relevant) example is the affair of Primoris Era and the consequent risks of social espionage or social (media) engineering which can have a devastating impact for the Enterprises. But this is not the only risks: due to their six degrees of separations: social networks are a powerful (and reliable) mean to spread infections. In my opinion, this challenge is strictly related to IT consumerisation (as mobile technologies, social media is an example of consumer technologies which rapidly spread into Enterprise), and Enterprises are generally not prepared to face similar threats, which are increasingly pushing the users to cross the boundaries which separate personal and professional usage of their working tools. In both cases, in my opinion, the possible countermeasures are similar: not only technology but (most of all) education for users who should be made aware of risks deriving from crossing that line: would you ever store the last financial plan in the same computer when your son chats, surfs the web or share his life on Facebook? Why should you do on the same phone or tablet where you share your life (without considering the fact that data are continuously sent to Apple, Google and so on…).
- Data security and data loss: according to Check Point, $7.2m is the average cost of a data breach in 2011. USBs and laptops, corporate email and web mail are the largest sources of data ,loss. Agreeable security challenge, but too easy after the affair of Wikileaks.
- Threat landscape: according to Check Point, this can be broken down into two motives: Crime and profit, and Cyber-warfare and hacktivists. The biggest recent threats include stuxnet, operation aurora (belonging to the second category), and zeus zbot (belonging to the first). These are the so called Advanced Persistent Threats that are increasingly used not as “exercises of style” but as real weapons for fighting wars on the virtual battlefields or stealing money.
The last predictions have little to deal with security (in the sense that they are general concepts) but are worthwhile to be mentioned as well:
- Governance, risk and compliance: according to Check Point Governance and compliance has the greatest influence on the information security programme for 60% of companies. In my opinion this challenge goes in the same direction of consolidation and complexity in security which need unified management whose role, definitively is just to enforce the policy (at least this is my model);
- Cost-saving IT and Green IT: the latter two are strictly joined (and in a certain sense also joined with Cloud and virtualization). IT has always been considered an enabler: but probably in the current complicated situation it is not enough and IT must also support the enterprise to control costs (and moreover in this scenario information security must be a business process).
After analyzing Check Point’s Top Threats I enjoyed in comparing them with the available predictions of other vendors. Of course I had to do some assumptions, that is: I mapped the “Threat Landscape” to Advanced Persistent Threat, “IT Consumerization to Mobile”, and “Data Security and Data Loss” to Removable Media.
The results are represented in the following table:
Checkpoint confirms the mobile as the Top Threat for 2011 (as done, in total, by 6 of the 7 examined vendors, the only excluded, Kaspersky, simply put the mobile as a top threat for 2010). Similarly, Advanced Persistent Threats gained the preference of 5 vendors of the 7 examined, including Check Point, as Social Media did. Curiously, as far as Cloud and Virtualization are concerned, Checkpoint’s Top Challenge is similar to the one provided by Symantec (and Trend Micro): I would have expected more vendors addressing the Cloud and Virtualization as a key concern for the 2011 (and the examples of Epsilon, Amazon and Sony are particularly meaningful of the level of attention deserved by this technology).
On Facing the 2011 Top Security Challenges, particolarly meaningful for Check Point is the role played by the unified management technologies. This is not surprising since, on one hand, vendors and technologies are converging and consolidating themselves in few vendors with a multi-domain porfolio (the ast firm in order of example is Sophos with the acquistion of Astaro); on the other hand Check Point management technologies are considered the state-of-the-art for a unified management framework.
- Some Random Thoughts On The Security Market (paulsparrows.wordpress.com)
- What do RSA, Epsilon and Sony breaches have in common? (paulsparrows.wordpress.com)