subscribe: Daily Newsletter

 

New year’s resolutions for secure IT

0 comments

Resolutions. Everyone makes them but not everyone sticks to them. But when it comes to IT security, organisations cannot afford to be complacent. Martin Walshaw, senior engineer at F5 Networks, points out some changes that are truly worth making this year.

Resolution 1: Lose some weight (seriously, I mean it this time)
2016 will finally be the year that we start reducing our security footprint – not by loosening security, but through consolidation. The first priority will be slimming down firewalls by consolidating our distributed defences onto core networking devices to make security easier to manage, control and troubleshoot.

Resolution 2: Read more
Not books, although those are good too, but in 2016, we’re going to inspect more outbound SSL traffic. Today’s security tools typically monitor incoming traffic for malware, but the zero-trust/SSL everywhere model leaves a blind spot for inspecting outbound flow. The need to ‘break and inspect’ outbound traffic will be crucial in securing the network in the year ahead.

Resolution 3: Make new friends
We’ve already seen the beginnings of this resolution, but in 2016 there will be an uptrend of traditional security vendors partnering with networking companies and cloud providers. In the age of hybrid data centres and mobile workplace environments, enterprises can no longer depend on traditional network firewalls to keep their data safe and vendors with areas of expertise will need to bridge the gap to create a more comprehensive security solution. The perimeter is disappearing and vendors are teaming up to secure enterprise networks at the application level.

Resolution 4: Try new things
The next wave of cyber-attacks have evolved and attackers are moving to a more targeted approach – with some attackers even coding to bypass specific security firms’ capabilities. This results in malware mutating at a rate that is difficult for both the enterprise and security firms to keep up with. In 2016, we’ll look for new vectors to help enterprise partners keep up with fast-moving, constantly evolving threats, making behavioural analytics a new priority to ensure your data and apps are doing what they’re meant to do.

Resolution 5: Secure the IoT
As more devices and applications join the IoT ecosystem, the likelihood of vulnerabilities facing data centres increases exponentially. In 2016, the industry focus will shift from concerns over IoT devices being turned into a bot army, to a conversation about keeping IoT traffic secured, and out of sensitive areas. Security teams will start establishing baselines for web application security to measure against it and monitoring systems, which will also help ensure the bot army doesn’t become self-aware just yet.