Security 2004: How it will shape up

Even with growing security budgets and abundant technology choices, 2003 was a mixed year for information security professionals.

Internet business processes, new technologies and more regulations combined to impose unique security concerns

		Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section.

on overburdened security staffs. What's more, the year was punctuated by numerous malicious code attacks that led to business interruption, constant emergency activity and lots of overtime.

Security will remain a hot topic in 2004, but while the general theme may seem the same, the particular notes will be different. How will things shape up? Something like the following...

More malicious code, more often
Given "malware" like SQL Slammer, MSBlast and SoBig.F, 2003 was the costliest year in cyberhistory. This presents a frightening picture for 2004. Blended threats, damaging payloads and enhanced social engineering prove that the bad guys are getting smarter, meaner and better organized. Blaming Microsoft will remain a popular cop-out in 2004, but smart CIOs will take direct action through enterprise antivirus coverage, server hardening, disciplined patch management, and--last but hardly least--constant vigilance.

Security appliances galore
Word from the fashion houses in Milan, New York and Paris has it that security appliances are going to be in. The market will see a barrage of multifunction appliances like the Symantec 5400 that ships with firewall, VPN (virtual private network) and antivirus features, as well as content filtering. Also, expect more Windows-based security appliances. Don't laugh but Microsoft knows how to play the appliance game; just look at the dominant position it established in the network-attached storage business. Windows security appliances make a lot of sense for shops that depend upon Active Directory and Microsoft Operations Manager.

Intrusion prevention rhetoric intensifies
Perimeter security battles will be won and lost over which products can most thoroughly block attacks with the highest possible performance. IT folks will have to decide whether to purchase "application-aware" firewalls from Check Point, Cyberguard and NetScreen or intrusion prevention system (IPS) boxes from TippingPoint or TopLayer Networks. Either way, a lot of money is to be made as oodles of legacy software-based firewalls gets replaced with these New Age firewall/IPS devices.

Increased defense in security architecture
Customers will take advantage of an onslaught of low-priced devices to establish greater layered e-mail, content filtering and antivirus defenses.

The security story will continue its slow push into corporate awareness and culture.

In this way, security industry economics and blind luck will help combat the growing threat presented by malicious coders. In a more active move, IT shops will add internal firewall and virtual LANs to segment networks into secure domains. Look for new specialized products that tie into network directories and authentication servers providing dynamic policy-based security and advanced auditing capabilities.

Policies, processes and training finally get some attention
The trend toward hiring chief information security officers, or CISOs, will continue to accelerate and these high-priced folks will be doing a lot more than monitoring firewall logs, or updating virus definitions. Their first task will more likely be an assessment of current security operations followed by an action plan of needed changes. Expect CISOs to make their mark by revamping security policies and attempting to inject security into corporate culture--a tall but necessary order. This activity will be a boon to service providers and consultants like Accenture, IBM Global Services and Unisys.

Strategic projects start to move from back to front burner
The influx of CISOs will also force IT folks to take a closer look at the increasing overlap between security and business processes. This will inspire proactive investigation of questions like: Can policy-based security help provide better service to customers? Will an enterprise identity management implementation streamline processes and save costs? Can centralized security management lower staffing requirements while enhancing security? Don't expect much more than fact-finding activity, but after years of reactive behavior, this strategic activity will be a welcome change.

Financial movement remains robust
As the end of 2003, Check Point bought Zone Labs and VeriSign grabbed Guardent. Big players like Cisco Systems, Microsoft, Network Associates and Symantec also gobbled up security companies. Merger and acquisition activity will accelerate this year, and we may even see a few initial public offerings. All this means industry consolidation, as 800-pound security gorillas try to outmaneuver each other to achieve industry dominance.

Security epiphanies?
The security story will continue its slow push into corporate awareness and culture. Still, don't expect any miracles. There remains a huge gap between the security and business views of the world. Nevertheless, even baby steps will make 2004 a good year for the security industry and corporate protection.