Enterprise security is no longer just an IT concern, it is also becoming a business concern. Recent attacks on some big companies indicate how these attacks not only create a huge financial dent, but can also tarnish the reputation of the company
Gone are the days when CIOs and CISOs role was only to ensure a secured network by dealing with firewalls and perimeter based defenses. “Organizations worldwide have ranked IT security as one of their priorities as increasingly sophisticated attacks, new data protection regulations, and most recently insider fraud and data breaches, threaten to disrupt and irreparably damage their businesses” says Sanjay Gupta, Vice President, Fusion Middleware Business, Oracle India.
With ever-changing technologies, IT teams can count on the amount of security challenegs they have to deal with on daily basis. Today, apart from ensuring trutsed interactions and protecting the information, IT managers have to create a secure enivronment for newly emerging technologies like BYOD, consumerization of IT, cybersecurity, SMAC, etc. Today, leaders in every sector have to grapple with these implications.
More than 80% of IT managers think enterprises with a bring-your-own-device (BYOD) policy have a competitive advantage over other organizations, says a research commissioned by BT. Though each year, companies around the world spend a lot in buying new computers in bulk. But after the concept of BYOD has taken pace among enterprises, companies are now allowing employees to bring their own products into the office and use them for corporate activities. This in turn help companies to invest their budget in other technologies.
As it is rightly said that there is no free lunches in this world. This saying is well suited for BYOD, as it not only allows employees to bring their own devices at work but also open the gates for BYOA, ie, bring your own applications, which in turn requires robust enterprise secuirty.
According to Forrester, 53% of employees use their own devices for work and 29% of the global workforce have three or more devices. BYOA poses real risks for corporate enterprises managing unsecure applications, malware and data loss, data breach risks and application security sprawl.
Whereas, “Vertical markets, such as banking and financial services, that have had a strong focus on security are now preparing themselves for the Third Era of IT Digitalization by investing in technology approaches that can enable them to grow their business securely while embracing digital business models,” added Sanjay Gupta, Vice President, Fusion Middleware Business, Oracle India.
According to Gatner, organizations are today increasingly more aware of security considerations in India, driven by the following factors:
Highly visible security incidents in 2013 and 2014
Increasing financially (corporate espionage, underground economy) and politically (hacktivists and nation states) motivated advanced targeted attacks
Renewed regulatory focus on security and privacy (both at a country and industry level)
Overall IT spending growth
Though a contribution in security software market came from endpoint, the network security software as well as identification and access management segments grew while business from security software and security and vulnerability management applications remained by and large constant.
Players like Symantec, Intel, and Trend Micro lead the end-point security market though seeing tough competition from the local security software vendors in certain regions.
Network security continued to see good growth as it witnessed market consolidation with Sourcefire acquired by Cisco, Stonesoft acquired by McAfee, and Cyberoam acquired by Sophos. With changing landscape of cyber threats and growing adoption of disruptive technologies like mobility, virtualization and cloud is pushing security vendors to expand their network security solutions capabilities and merging of technologies, for example, virtualized firewalls; hardened OS for security appliance, and running firewalls with hypervisor.
In the more recent years, organizations have focused on innovations in products, structures, and processes—to achieve new growth markets and opportunities. The business impact of adopting models like cloud computing, mobility, big data, and virtualization has been experienced by all organizations, big and small.
At the same time, in the wake of major security breaches and attacks across the globe, network security for the connected enterprise has become a serious area of concern. For example, migrating to the cloud from an in-premise model fundamentally changes the way IT security is to be addressed. The challenge is that organizations are still developing cloud security processes and solutions, which potentially gives hackers and attackers a wide window of opportunity. Likewise, a BYOD traction creates challenges around management and security of mobile devices, which must be addressed proactively by IT.
Network security threats are also continuously evolving and expanding with added levels of sophistication with each passing phase. This has contributed to the rise in organized cyber crimes, with phishing syndicates innovating in no less measures to trick users into their traps.
Lately, online attacks comprising blended threats, hybrid attacks, and APTs have increased in speed and sophistication exponentially. Further, spam emails are not generally a self-contained attack anymore, but rather a social engineering component of a larger attack. These are designed to convince a potential victim to interact with the web-based content, which could crack open an organization’s security system to an ill-intending hacker.
All these developments have led the security vendors into continuously evaluating their products and enhancing protection features. Besides, there is a growing threat due to abuse of trust within organizations. Due to lack of a thorough control or visibility, insiders are able to take organization’s intellectual property in ways as simple as copying information on a pen drive or mailing it out of the organization’s network.
Key Developments in Network security
In July 2013, Cisco acquired Sourcefire, a maker of network security hardware and software, for $2.7 bn. The acquisition is considered to have worked positively for Cisco and strengthened its position in the security market. In India, reports suggested that the security team has doubled in size in the past couple of years.
“One of our major announcements in the last fiscal year was the acquisition of ThreatGRID. This announcement addressed customers’ needs to combat zero-day attacks and advanced persistent threats (APTs). Cisco also broadened its Advanced Malware Protection and datacenter security offerings with this announcement” added Pravin Srinivasan, Lead, Security Sales, Cisco India & Saarc.
Palo Alto Networks was one player that became significantly more aggressive in India last year. It was reported to have hired 50-60 channel partners and was engaging them in roadshows to sensitize on security issues in tune with the enterprises focusing more on cloud, mobile and collaboration tools. The California-based company said it would be setting up regional offices in cities like Mumbai, Bengaluru, Delhi, and Chennai and also ramping up its team sizes. Until 2013, the company had a team of 15-18 people in India and up to 200 customers locally.
The surveillance function at enterprise was getting more and more integrated with the broader enterprise security strategies. Terrorism, employee and company assets safety, and theft drove a growing demand for video surveillance in government, transportation, hospitality, and BFSI sectors. Organizations are changing gear from analog to IP-based surveillance. Urban security, hospitality, airport security, and education sectors are witnessing higher investments for installation, as well as upgrading the existing security surveillance infrastructure. Enterprises saw the benefits of integrating IP surveillance with IT security, including a single view of their security architectures, comprehensive and proactive monitoring, faster response time, greater interoperability, and reduced costs.
At the same time, surveillance market is increasingly witnessing convergence with software platforms and access control solutions. Vendors like Tyco, Honeywell, Siemens, Bosch, and Milestone and so forth are developing next-generation surveillance solutions on IT platforms from IBM, Dell, and HP that is contributing to IT convergence.
Even though 2013 was a challenging year because of the economic slowdown and rupee depreciation, the overall demand for network security from enterprises remained robust. The market is expected to continue the growth momentum in the short to medium terms, as enterprises are likely to deploy security solutions.
Key Developments in Content Market
The year was good for CISOs or CIOs as they don’t have to struggle for security budget. Various reports mentioned that in FY14 IT security budgets among enterprise increased at a global level. Today irrespective of its size, every organization has realized the importance of security in this numerous data breaches and the NSA scandal.
With increase in the SMAC technology, exposure to new threats have increased by leaps and bounds. According to Canalys report, security solution providers have been focusing on providing more tailored products to suit small businesses. Many of the solutions focus on simple deployment, a combination of data protection features and ease of management. Hosted services have grown in popularity as they provide a financial shift to capex rather than opex and can be remotely managed by a third party.
In response to the changing threat landscape and customer needs, McAfee acquired StoneSoft in 2013 to expand its Network Security product line with a market leading Next Generation Firewall. In 2014, McAfee is looking forward to further integrating the NGFW into the Security Connected Architecture to provide intelligent comprehensive, uniform, real-time, layered protection to any enterprise from endpoint, network and out to the cloud. They have introduced a new solution, enhancing our existing capabilities to address advanced persistent threats (APT’s) called Advance Threat Detection (ATD). “We acquired over 26 customers in the initial 30 days of launch of the product. This shows our capabilities and value customers are able to see in our offerings” added Jagdish Mahapatra, MD India & Saarc McAfee, part of Intel Security.
One has to agree that the concerns among the industry have been increased but the threats have grown by leaps and bounds. It is important to understand the upcoming threats and adopt preventitive measures. “Companies need to look at security as a business issue and not an IT issue. The same thing applies to the government. With citizens reaching out to them, for all sorts of information, they will want to know what’s happening to the data that the government is responsible for,” says Surendra Singh, Regional Director, India & Saarc, Websense India.
“CIOs and CISOs need the agility to respond quickly and must continuously monitor current and emerging threats, understand the dangers they pose to the assets they protect, and dynamically adapt their plans to the evolving threat landscape. It requires collecting, processing, and correlating multiple streams of internal and external data, then understanding their local implications in a global context,” added Jagdish Mahapatra, MD India & Saarc, McAfee, part of Intel Security.
Some of the trends which one should look for:
“Mobile devices are becoming an attractive target for cyber criminals. For enterprises, limiting the devices that can be used to access enterprise applications is a losing strategy. It’s simply not reasonable for companies to tell customers or even internal stakeholders that mobile access via Android, Apple or other mobile platforms won’t be supported,” added Sajan Paul, Director Systems Engineering, India & Saarc, Juniper Networks.
Instead, enterprises need to improve security by exerting greater control over their mobile exposure. For example, complex financial institutions gather data about their customers’ or members’ devices and meticulously monitor mobile behaviors. When suspicious activities arise, the organizations can restrict or limit the customer’s mobile access rather than locking out large groups of mobile users based on device type.
“Cybercrime has been an industry bugbear that has tormented CSOs and CTOs in a multitude of organizations and made them constantly reassess their security policies. Security measures have become of utmost importance to the industry since these businesses are undergoing a constant evolution in terms of infrastructure, technologies and business requirements. Ensuring integrity of business data is by far one of the most important priorities,” says Shashank Mehrotra, General Manager and Business Head, BigRock
More and more networking sites such as Twitter, Facebook, Google, and Linkedln are becoming the target for Trojans and other forms of malicious activities. Cyber crooks are using social media’s most important value propositions to gain access to protected systems and information. After taking control of users’ account and information, criminals are leveraging and sharing features of social media to effortlessly send infected links to thousands or even millions of followers.
Bring Your Own Device (BYOD)
BYOD is one of the hottest topics in enterprise security. In addition to reducing an organizations overall cost of technology, they are permitting employees to use their preferred device platforms, promoting higher productivity levels throughout the workforce.
“Enterprises are beginning to realize that BYOD introduces a slate of new security challenges into the organization. When employees connect to company servers and databases with devices that are beyond the direct control of the organization’s IT department, it inevitably raises the organization’s risk profile and the volume of unauthorized intrusion attempts,” added Sajan Paul, Director Systems Engineering, India & Saarc, Juniper Networks.
For most enterprises, the right solution isn’t to ban BYOD but to implement BYOD policies that clearly define the proper use of employee-owned devices in the enterprise. BYOD security risks can also be mitigated with robust data leakage prevention solutions and fraud detection systems and restrictions on the types of information that can be accessed via BYOD.
In the coming years, Internet of things (IoT) and machine-to-machine (M2M) are going to be the focus areas for network security players. The industry has still not forgotten how the Stuxnet virus brought down Iran’s nuclear program to a screeching halt a few years ago.
Tarun Kaura, Director, Technology Sales, India, Symantec says, “The Information Security space has been immensely threatened with businesses, government and individuals relying on the internet, for their dynamic needs. At the same time, cybercriminals were also seen devising more sophisticated methods and focused techniques to trap victims.”
It has been feared that similar malware could potentially spew havoc on a wider variety of systems in a developing M2M era. In fact, a Symantec study findings release in 2013 said the Stuxnet virus had not fully been doused on the computer networks globally and its traces are still out in the wild.