The expansion of mobile devices, omnipresent connectivity, the Internet of Things, the appearance of new threats and the persistence of existing ones: all of these are significant changes in IT security that analysts frequently mention. In the following overview, Flowmon Networks concentrates on the five major trends that will shape network security in 2016.
“Things” Make Traditional Security Concepts Non-functional
The massive expansion of devices, sensors and other "things" connecting to Internet services has consequences for security. These devices practically lack any kind of security and thus naturally become the target of threats in the form of so-called botnets or targeted attacks exploiting their vulnerabilities. Because of the Internet of Things, identity management must change fundamentally. The identity of a device is different from the identity of a user, and this is also reflected in network traffic: devices use different communication protocols, do not support traditional login/password authentication, can change owners, and so on. All this makes traditional security concepts such as integrity, availability and confidentiality non-functional.
Flexible Network Perimeter
The spread of mobile devices, the inclusion of mobile networks, the ability to connect to corporate networks from different locations, third parties connecting to corporate applications: these and other facts foreshadow the end of the traditional notion of perimeter security and open up an exponentially growing number of ways to bypass it. Secure access to corporate networks from different platforms, updates and the proper configuration of all devices place considerable demands on administrators and central management. It is therefore expected that the importance of network behavior analysis technology, which is based on fixed rules but uses advanced artificial intelligence to detect threats that bypass the perimeter, will increase.
Democratization of Advanced Tools Usage
Large firms invest large sums in sophisticated security tools and hire specialists to protect their IT, which slowly shifts the attention of attackers to the SMB segment, where companies often use only basic security methods such as firewalls and antivirus. With the increase in threats that bypass signatures and firmly set rules, intrusions are becoming a much more real threat for these companies than in the past. It can be expected that this development in cyber threats will be reflected in increased interest among small and medium-sized companies in advanced security tools focused on networking, especially if these solutions are accessible to them in terms of both price and management.
Protection Against DDoS Attacks at the Backbone Network Level
Because they are effective and simple to launch, DDoS attacks are a relatively common tool of cybercrime. Unlike in the past, there is no need for a sophisticated hacker to perform them, only a credit card and an order for a few tens of dollars. It is therefore not surprising that, according to various studies, these attacks are not only becoming more frequent but are also growing in volume and intensity, and organisations perceive them as one of the biggest threats. The line capacity of the majority of companies is naturally not able to absorb a massive attack. It is expected that interest in protection against DDoS attacks will grow in step with companies' dependence on applications. Internet service providers and backbone network operators can play an important role in this area. Efficient protection of the infrastructure they offer to their customers is not only a way to prevent the paralysis of critical applications and services, but also a way to distinguish themselves from the competition and offer attractive value-added services.
Active Approach to IT Security
The flexible network perimeter, the increasing complexity of corporate IT and the diversification of threats open up new ways to jeopardize internal network systems and data. This is why, in the modern environment, we cannot rely only on perimeter defence, IDS/IPS systems and databases of threat signatures. The basis of a modern IT security strategy will therefore be to integrate traditional solutions with data flow monitoring technology, which allows you to monitor what is happening in your network. Integrating these tools into IT security management will fundamentally change the nature of the approach from "defensive" to "active detection and elimination".