It seemed that no matter where I was this year the topic of computer security reared its ugly head. Whether consulting with business executives, sitting on a plane next to a deep security expert, watching a news story about the Chinese government’s concerns about U.S. hardware and software products thanks to the Edward Snowden revelations, at a conference or event -- the topic of security always came up.
So I decided to take a closer look at the state of the computer security market. In days gone by enterprises would purchase antivirus software to protect against viruses and malware, they’d set up firewalls to protect from outside intrusion, they’d buy authorization/authentication software to make sure that their employees and business partners were who they said they were and that they had the right to access certain types of information, and they would encrypt their data to protect data on-the-fly as well as data at rest. But, after major intrusions at Target and Home Depot -- and after the loss of personally identifiable information (PII) such as credit card data at other organizations -- enterprises now have a heightened awareness of security and want to know what they need to do to go the extra mile to prevent internal and external data theft.
The best security conference that I attended this year was sponsored by IBM in New York City where the company described its “Smarter Counter Fraud Initiative.” IBM has combined a bunch of its software products into an integrated fraud/risk management suite designed to thwart computer fraudsters. This suite of products includes offerings from IBM’s security, data management, entity/predictive/behavioral/context/content/geospatial analytics, social network analysis, forensic analysis, case and content management, and middleware portfolios. It enables enterprises to identify fraudulent behavior (sometimes in real time by using automated analytics tools) and to take action to prevent fraud from occurring. My in-depth look at this portfolio of products -- as well as my view on some of the security services that the company has made available -- can be found here.
But enterprise security may or may not be focused on risk management and fraud prevention. An enterprise may just want to harden its systems and networks in order to resist external intrusion or internal data theft. As stated previously, the old way of protecting systems involved antivirus software, firewalls and authentication/authorization software – as well as encryption. But now enterprises are using new tools and utilities to protect systems and networks, including:
- The use of predictive analytics that can automatically detect anomalies and make systems administrators aware of unusual activities;
- The use of software that can protect against data loss, monitor data activity, mask and redact data, govern data and protect encryption keys;
- Installing software to scan applications and source code to deliver advanced hybrid scanning and correlation as well as fraud detection; and,
- Focusing on people management by using stronger authentication, access management and user provisioning facilities (and by using privileged user management tools, fine-grained entitlements and identity governance techniques).
I’ve done a complete write-up of one vendor’s advanced secure data management environment (such as the environment that I just described) that can be found here.
But we’re not done yet… In addition to protecting data in various ways -- and in addition to using more powerful people management tools -- enterprises still need to harden their systems and networks. They need multi-faceted network protection; anomaly detection software; better virtualization security; better asset management; better endpoint/network security management; stronger perimeter security -- and more. The good news is that there is a plethora of products in the market that can provide advanced data security management, as well as advanced infrastructure management. The bad news is that many of these solutions are point products – and enterprises really need broad-spectrum, integrated security across people, data, applications and infrastructure.
Security has come a long way in 2014 -- and with advancements in predictive analytics, security is about to take a big quantum leap in years to come. Look for security vendors that are making use of analytics within their security portfolios and vendors that integrate an entire suite of advanced data/application and infrastructure products (so you don’t have to do the integration work yourself).