As 2014 comes to a close, our subject matter experts check in on what they see as major topics and trends for the new year. (You can read all of our 2015 predictions content here.)
1. Cloud security will become less cloudy
It’s amazing how fast things change. It was not that long ago that cloud computing skeptics said that no one will use the cloud for business applications because of the security issues. Now we hear from customers that they are moving entire datacenters – not just select applications – to the cloud. Why? Ubiquity is one reason. Reduced costs are another. Finally, they are realizing that security -- specifically next-generation security -- can be used to protect their applications and data from advanced cyber attacks. But traditional, port-based security technologies cannot exert the same levels of control.
With the recent release of our VM-Series for both Amazon Web Services and KVM joining Citrix SDX and VMware ESXi and NSX support, 2015 will be the year that customers can protect their public, private or hybrid cloud-based applications using the next-generation firewall and advanced threat prevention features found in our enterprise security platform. Further clarifying cloud security will be the elimination of the time-lag between virtual machine provisioning and security deployment through the use of native automation features such as VM-monitoring, dynamic address groups and the XML API.
2. The benefits of network segmentation based on Zero Trust will be realized
During a recent customer visit, a tenured networking professional challenged our discussion around network segmentation based on Zero Trust principles, stating he had been segmenting the network for security for years. “So what’s new here?” he asked. Conceptually there is nothing new here; rudimentary network segmentation can be done by routers, switches and even firewalls. The key difference is in the level of granularity by which we can segment the network.
The rash of recent high profile breaches -- where attackers hide in plain sight on the network -- points to the need for segmentation principles that are more advanced than mere port, protocol or subnet. As the conversation with this networking professional continued, I pointed out that with the application identity, a view into the content and knowledge of who the user is, we can segment business critical data and applications in a far more granular fashion than rudimentary segmentation would allow.
Specifically, we can verify the identity of specific business applications, forcing its use over standard ports and validating the user identity. We can find and block rogue or misconfigured applications -- all the while inspecting the application flow for file types, and blocking both known and unknown threats. In 2015, I expect to see many organizations continue to re-think how they are segmenting their network and applying Zero Trust principles of Never Trust – Always Verify using the application, the respective content and the user as the basis for policy enforcement. The benefits our customers will begin to realize include improved security posture with less administrative effort.
3. 2015: The year of focus
According to IDTheftCenter.Org, 2014 had, as of Dec 2, 708 data breaches resulting in the loss of more than 81 million records. That represents data from roughly 25 percent of the U.S. population and the year isn't even over. So in the spirit of Christmas, my last forward looking 2015 entry isn’t a prediction but a wish. While I don’t believe we will ever know the details behind the 700+ breaches, it’s safe to say that there were multiple steps along the way where someone could have said, “We could have been more focused here." My 2015 wish is that users, netsec professionals and executives all become more focused on their respective network security responsibilities.
Datacenter security is among many industry-specific topics planned for Ignite 2015, where you will tackle your toughest security challenges, get your hands dirty in one of our workshops, and expand your threat IQ. Register now to join us March 30-April 1, 2015 in Las Vegas — the best security conference you’ll attend all year.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.