November 2002

High 5

By Andrew Briney

One must always guard against getting too full of oneself, but you'll pardon us if we do a little back slapping this month. This is Information Security's 5th Anniversary Issue, and we're in a celebratory mood.

IT security has changed a lot over the last five years, and part of this special issue looks at how those changes influenced how we "do security" today. We reflect on some of the defining moments in security over the last half-decade, from the major cyberattacks and security events to the technologies, companies and people that have shaped how enterprise security gets done.

This issue is also our 5th annual Crystal Ball issue, and in the spirit of the "5" theme, we peer into the future and make predictions about the next five years: likely attack vectors, market shifts and technology changes. In addition, we sprinkle in several "Looking Back/Looking Ahead" editorials from security soothsayers Eugene Spafford, Marcus Ranum, Thornton May and others.

We go out on a limb on a lot of this stuff, and I'm sure you won't agree with all of it. I encourage you to e-mail me with feedback. But most of all, I hope you enjoy reading this special issue as much as we enjoyed putting it together.

My Predictions
Every year at this time, I put my money where my mouth is and venture a few predictions of my own. Looking back over the years, I see that most of my predictions were either "no duh's" or way off the mark. Let's see if I can fare better this time.

  1. Over the next year, we'll see further growth and acceptance of hardened security appliances, particularly in small- to medium-sized businesses. In the absence of funding for in-house security staff, SMBs have two choices for security: managed monitoring and plug 'n play. After a lull, managed monitoring will bounce back in 2003, but many organizations will opt to manage security in-house instead. Today's integrated security appliances have improved technologically over previous versions. They give SMBs a legitimate no-muss, no-fuss alternative.


  2. The push for all-in-one security management continues. One of my predictions for 2002 was an explosion of tools that do for security what HP OpenView does for networks. That's exactly what happened. But all of today's security management systems are fundamentally flawed because they're limited in the types and range of systems they can manage. None of today's ESM/SIM solutions are truly heterogeneous. Until some enterprising vendor builds a system on an open management protocol, enterprises will go wanting.


  3. Expect vendors to latch on to anything associated with Web services security. Web services were the hot-ticket item in 2002. Now everyone is looking under the hood at just how reliable and robust distributed identity management really is. Before Web services see the "hockey stick growth" everyone's predicting, businesses and consumers will need to feel comfortable that their digital identities are adequately protected. Enter a slew of Web services security solutions.


  4. Smarter threat management. The IDS vendors have been beaten black and blue by their customers over the past two years. Fewer false positives! Better integration with other monitoring and logging gear! The vendors have been listening and, over the past year, re-engineering their products to meet the demand. We'll see better IDS/firewall integration in 2003, as well as smarter IDSes, making it easier to separate real attacks from those annoying false alarms.


  5. Physical and cybersecurity remain separate. After the 9/11 attacks, everybody talked about the convergence of physical and IT security. Sure, the physical plant and infosec departments are at least talking to each other now, but they're hardly an integrated function. Don't expect that to change much in 2003.

Andrew Briney is editor-in-chief of Information Security magazine.





Copyright 2002 TechTarget