Future of securuty

Most other pundits agree; email, adware even Instant Messaging and VoIP attacks are all still there and in some cases growing, but the potential for Web-based attack vectors from drive-by-downloads to cross site scripting attacks are becoming an increasingly popular way to deliver malicious code.

Web defence specialists, Websense, recently announced that for the first time in late 2007 the number of legitimate Web sites compromised by attackers surpassed purpose built sites created by attackers. It’s no longer a matter of simply avoiding suspicious Web sites. High profile, trusted sites or even lesser known legitimate sites are likely to from time to time become a source of malware infection.

Websense says it scans more than 600 million Web sites and 350 million emails per week searching for malicious code and traditional security measures are just not designed to handle the new age threats. Attackers know that compromising sites with plenty of traffic and good reputations, coupled with more effective and targeted email lures, can improve their success rate.

IDC’s Bihammar says the traditional approaches to Web security such as URL filtering are no longer meeting the security needs of the enterprise. Where Web site filtering was appropriate as a productivity and security measure in the past, the increasing number of ‘legitimate’ sites being infected by criminal malware means simply blocking obviously undesirable or risky sites is ineffective as a security mechanism.

“What we are starting to see about these threat perspectives is that it used to only be risky sites, but the malware is being uploaded to reliable sites. It is really putting more pressure on sophisticated Web security,” said Bihammar.

“This is an opportunity for the channel to develop in that area,” he said explaining it’s a traditional channel play with vendors providing tools which can be applied relatively easily to the problem.

Two of the most dominant players in this market have become one with the merger of Surf Control and Websense, but other vendors are buying in or developing their own Web traffic filtering solutions that can do more than simply filter URLs.

There are up and coming players too. Finjan, an Israeli company, is gaining marketshare in this space, says Bihammar.

Not all products are a straight appliance or software sale, Websense for example offers an on-demand hosted service, and almost all involve some sort of subscription service to keep reputation scores and signatures up to date.

Privacy concerns

“We are now up against organised and well resourced communities working to their own business model,” says Ovum’s Titterington.

“All the big vendors, including Symantec, IBM (ISS), Cisco etc are taking the battle back to the Internet with everything from comprehensive traffic monitoring, to multi-level protection for customers.”

Second on Titterington’s list of security trends is the need for better user access control and authentication. “Users need something easier and quicker to use, something more resilient than a password,” explains Titterington. “Something that doesn’t incur the help desk costs of forgotten passwords. The smart card vendors are in the forefront here, along with token suppliers such as RSA, and some innovative suppliers such as pictorial key pads,” he suggests.

Echoing other commentators warnings about Web-borne threats, Twittering points to application security. “Organisations are realising that externally facing applications on the Web are providing a soft entry point into corporate data repositories and other assets,” he says.

Of course with the focus on profit whether its fraud or industrial espionage, the enterprise needs to protect its information in a way it never had to in the past. When security was about stopping script kiddies affecting worker productivity or launching DoS attacks to embarrass your Web server, the target wasn’t getting your customer database, your credit card details or even your login for Facebook.

future of security securuty