IT Security Opportunities: From Cloud to Analytics
The continued growth in IT security opportunities correlates with metamorphoses in both the technology sector and the security world. Indeed, during the last two years, just about every aspect of IT security has been utterly transformed.
Not only are there more lethal threats than ever, but the way IT security is deployed and managed has changed fundamentally. A few years ago it was enough to deploy antivirus software and a firewall. A few organizations might have gone the additional step of relying on a service provider to enhance their overall security posture. But by and large, those organizations represented a minority of the overall IT market.
Fast-forward to today, and now the assumption is that more corporate networks have been compromised to one degree or another. Antivirus software and firewalls are still important in preventing even more attacks from penetrating the perimeter.
However, thanks mainly to the rise of sophisticated social engineering techniques, end users are regularly fooled into downloading some form of malware. No amount of IT security will be able to protect end users from themselves.
New IT Security Services Challenges Call for New Solutions
Addressing new IT security services challenges requires new tools and techniques.
IT organizations have begun investing at a rapid clip in advanced analytics applications that help them discover faster where malware is hiding inside the enterprise, for example. Once identified, the focus then quickly moves to isolating the infected systems, removing the malware and remediating the vulnerability that the malware was trying to exploit.
That closed-loop approach to IT security, however, requires access to new tools and the expertise needed to run them. For that reason, interest in all forms of IT security technologies delivered as some type of cloud service is on the rise.
"What's happening is new layers of security are being implemented between the cloud and the perimeter," said Gartner analyst Mike Dorosh. "There's a lot more orchestration now between all the security technologies being put in place."
Solving Managed Security Services Challenges
Enter managed security services challenges and opportunities.
As IT organizations discover what's involved in achieving that level of orchestration, it becomes apparent that they don't have the internal expertise required to implement these technologies, Dorosh said. As a consequence, it's only a matter of time before they begin to rely more on IT security delivered as a managed service, he said.
The good news is that work on the platforms needed to deliver these closed-loop approaches to IT security is advancing rapidly.
For example, Sophos just launched an IT security management platform that leverages big data analytics to better identify threats, such as ransomware. Once the threat is detected, Sophos Integrity is designed to automatically quarantine the endpoint affected, while in real time making unencrypted copies of any of the data that a piece of malware might be trying to encrypt.
In a similar vein, Splunk has partnered with more than a dozen IT security vendors to create its Adaptive Response framework,which leverages machine data and machine learning algorithms to reduce the amount of time it takes to determine what actions to take when a threat is detected.
Meanwhile, Cloudera, a provider of a distribution of Hadoop, at the recent Strata + Hadoop World 216 conference announced a proposal in collaboration with Intel that would donate Spot to the Apache Software Foundation. Formerly called Open Network Insight, Spot is an open-source project started by Intel that seeks to increase visibility into security threats using big data analytics and machine learning.
Demand for cloud security services provided by both Trend Micro and Symantec is way up, said Daniel Saks, president and co-CEO of AppDirect, a distributor of cloud services.
"Security creates an opportunity for the channel to add value via the cloud," Saks said.
For similar reasons, Ingram Micro just added the Symantec Endpoint Protection service to the Ingram Micro Cloud Marketplace.
"We think there is a lot of opportunity to bundle security services with offerings, such as Microsoft Office 365, to allow the channel to create more value," said Jason Bystrak, executive director for the Ingram Micro Cloud in North America.
Yet the opportunity for the channel doesn't stop with delivering IT security technologies via the cloud. Tech Data has partnered with KnowBe4, a provider of a cloud service that can be used to train employees not to fall for phishing scams, which are one of the most prevalent means of embedding ransomware inside an organization.
IT Security Opportunities: Managing Processes
Channel partners would do well to remember that the IT security opportunity is multifaceted, said Tracy Holtz, director of security and information management at Tech Data. In the age of the cloud, solution providers are no longer limited by the functionality that can be packed into a piece of hardware, Holtz said.
"Security has become a process to be managed," he said. "It's not something you do once a year when you buy a new box."
Solution providers have multiple options when it comes to delivering security as a service. They can resell cloud services built by a vendor, build their own security operations center or partner with a managed service provider that specializes in security. The challenge any solution provider faces is that the cost of delivering security services on their own is rising. Big data requires substantial capital investments and even if they can find IT professionals with both big data and IT security expertise, they might not be able to afford them.
Regardless of what means they use to deliver IT security as a service, however, one thing that their customers are making clear to each and every solution provider they engage with is that security is no longer optional.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications, including InfoWorld, CRN and eWEEK. He currently blogs daily for IT Business Edge and contributes to CIOinsight, Channel Insider and Baseline.