NetIQ has been providing and managing computing services securely across physical, virtual, and cloud environments to help customers address complex information protection challenges in a cost-effective manner. At the advent of the 2013, NetIQ company focused on the global information security market, the industry's development and trends put forward their own views.
2012: What year
In the field of information security, 2012 is undoubtedly the year of hacker action, BYOD and the year of the cloud. Many agencies have started deploying the cloud in 2011, and this year is a continuation of the year. Hacking has captured the public's stream of consciousness while the byod trend has risen to the fore in corporate it, and most agencies are struggling to cope with both situations without being prepared for the pace at which these factors are growing.
The rise in hacker action and threat complexity has forced the IT security sector to strengthen its design fence work. With the presence and occurrence of fissures and events becoming more apparent and frequent, IT security departments are under unprecedented pressure. There is a new dimension to the motivation for information technology attacks now; In addition to the attacks caused by the financial benefits and the emotional well-being of insiders, we must now deal with misguided altruism and a large number of different, often unrelated, work matters.
BYOD and cloud have caused the IT department to have an upside down, forcing many people to rethink their corporate security strategy. Together, this bodes well for the advent of it consumers, essentially the democratization of it in the organization. Employees are no longer satisfied with passive acceptance instructions. As consumers, we now prefer more useful and usable applications than ever before. We want to get the same it apps as we do at work. If it technology does not provide enough tools for operational efficiency, users can find relevant it technologies and buy their own tools. The fact that some of these users are C-level managers forces the IT department to respond rather than simply reject requests.
2012 is the year when it security loses a lot of control and is therefore forced to catch up. To evolve with the times, IT security teams need to implement agile, focused, and basic security strategies and processes. 2013 needs to be a year in which companies implement this approach to better cope with the growing pace of change.
2013: IT security challenges facing
Looking to the new year, many themes will continue to ferment. But how will it evolve? What else do we need to think about? Here are 10 points to note:
1. Information and identity will be the center of it, not just the center of IT security. In a technology world where it ceded a lot of its control, there is only one way to mitigate the risks associated with lack of control. That is, the organization needs to understand where all the critical information is, how it is accessed, who/what is accessed, and how to identify the behavior of the very state. This will make it easier for institutions to respond to external challenges.
2. The IT security team will actively seek to gather more data than in the past. Big data as a trend in the 2013 will be a primary concern for IT departments. In the context of IT security, this means a more efficient way to store large amounts of data. The core of mitigating risk and understanding threats is to make data available and accessible in an extensible manner. In the past, scaling up when accessing large amounts of data meant that institutions selectively closed the collection mechanism, causing them to inadvertently disregard potential threats in some cases. 2013 will be a year when organizations start to understand how big data can help them increase the amount of information that the system collects, and how IT security solutions such as security information and event Management (SIEM) can handle increased volumes of data in an efficient manner so that the operations team responds to events in real time. In essence, this means that organizations will be able to use large data technologies to store and access more data than in the past and to manage IT security risks.
3. Security analytics will be of paramount importance. Turning data into useful information for insight is a theme throughout the 2012 years. Recent news reports about the U.S. presidential election have used data that significantly increased in anticipation, analysis and presentation of trends and results. In addition, Nate silver The distinctive features of accurate statistical predictions of elections, which, despite criticism, have brought the value of data analysis to the mainstream. This will only exacerbate the past 2 years of institutional obsession with analytics. For example, some retailers have used this method to better understand their customers. In some cases, the power of analytics has reached an entirely chilling level. In the consumer world This is not wonderful, but on the other hand it is right in the area of IT security. As storage data capacity increases (see above), the ability to effectively and accurately analyze data becomes increasingly critical. This means that institutions must be better at filtering out noise, understanding people's behavior, and being able to draw complex conclusions in real time so that they do not become front-page news for all sorts of wrong reasons.
4. Data scientists will become a core part of the operations IT security team. Organizations will increasingly recruit data scientists into their IT security teams to complement existing technology solutions and support their analytical capabilities. Security technology will be better at identifying threats, but technology cannot always eliminate the human element. As threats become increasingly complex and difficult to identify, the need for trained, analytical elements of the IT security team will be critical.
5. Enterprise Cloud Management will be a major problem. As more organizations move to cloud-activated, cloud-aware environments, the lack of understanding of a variety of cloud technology management, and the lack of service providers and vendors across technology tiers (such as infrastructure, operating systems, applications) will remain a problem to be solved by 2014. Markets, standards and technology are at an early stage. This is unlikely to be easily and completely addressed by the IT team in most organizations. But 2013 will be the year to lay the groundwork for the future. The most important strategic focus is to have a smart, scalable security base.
6. Social identity will be a key part of the corporate security dilemma. The British government announced this year that its system will judge how to use the social identity of citizens. Washington state has allowed voters to register with Facebook. Retailers are reviewing how customers ' social identities can be personalized as the primary identification for the customer experience. The equipment that employees bring to the workplace is pre-installed with social identities such as Facebook and Twitter, which provide an easy, accessible and seamless way for enterprise IT systems to connect identities to employees and their devices. Whether you like it or not, social identity is becoming critical to your business. IT security requires policies and techniques to support this phenomenon.
7. IT security teams will recognize that they must deal with BYOD in a strategic way. Too many organizations have tried to deal with BYOD by deploying mobile device Management (MDM) products. But they soon realized that it was a tactical approach, not a long-term, deft and agile Strategic approach. Agency employees are inclined to revolt by the repression of MDM for their mouthpiece. MDM products are often too restrictive to hinder business. It is more important to have a mobility policy and manage mobile employees than mobile devices. This means that organizations need to focus on monitoring and implementing access to information, and can link everything back to identity. In other words, the strategic, agile response to mobile employees and it consumers is to use identity and access management in conjunction with Siem.
8. Security as a service (SECAAS) will be a real choice for many new IT security projects. Regardless of public awareness, in the 2012 Secaas also mainly in the corporate meeting room on the whiteboard. When it comes to security in the cloud (whether it's a public cloud or a private cloud), people's concerns have always been about data, especially where it is stored and who has access. Service providers are now aware of this entry barrier and have begun to respond. This means that the organization will have a real choice of cloud vendors that can provide the required visibility, accessibility, and technology. Organizations have become very adaptable to software and service (SaaS) models and are increasingly becoming new project deployment options. This will also extend to IT security in 2013, although the agency will remain hesitant. In other words, 2013 will see many Secaas moving from the whiteboard to practice.
9. Institutions will require in-depth insight into user activities beyond logs and events. Most Siem Products simply collect logs and events. This means that most SIEM data collectors have gaps in the data they collect. Organizations will require Siem Solutions to go beyond what standard logs and event capture mechanisms provide, especially given the maturity of large data technologies. For example, standard operating system logs do not capture user activity and data manipulation (and access) behavior on an analytical basis enough to make intelligent, contextual decisions. The ability to capture additional data and provide insight can reduce the number of busy points. In addition, vectors such as identity and behavior become mandatory in the deployed solution as organizations struggle to fight advanced and evolving threats. Integrating Siem with identity and access management infrastructure has never been more important than it is now.
10. Personal cloud will present an important issue for IT security and can become a greater threat to IT security than BYOD. Trends in the fermentation and byod of mobile devices will lead to an increase in the use of non-enterprise approved applications. In addition, many of these applications store data on their own infrastructure and are often third-party clouds that are not directly related to the users of the application. Controlling and protecting enterprise data that may be stored in an employee's personal cloud presents a more challenging problem than BYOD, especially if access is not tied to identity and is not properly controlled. The problem is actually allowing data to be detached from enterprise IT control. Once out of control, institutions have little opportunity to maintain visibility and control over the movement of company data. Further, organizations with compliance responsibilities to report data loss may not be aware of what has happened because of lack of visibility. In fact, organizations may be forced to report data loss on a daily basis for reasons related to employees who have access to the corporate data authority to move data to their personal cloud, and where they have left the corporate it boundary and are in a place where the enterprise has no control, the data must be classified as lost. Organizations must control access to critical data and ensure that visibility is not left out of the enterprise environment. Some organizations can take the appearance of personal cloud as an opportunity to provide employees with similar characteristics of user-friendly business tools, but built-in enterprise security mechanism. Original address: http://server.zol.com.cn/341/3418218.html
(Responsible editor: The good of the Legacy)