TMCnet News
The question of security has been grabbing the...(Microscope (UK) Via Acquire Media NewsEdge) The question of security has been grabbing the headlines almost daily in the last few weeks. From the RSA server breach to the leaking of customer data at Play.com, Trip Advisor and a host of others embroiled in the Epsilon leak, the question of securing data is big news. Tomorrow the industry gets a chance to tell customers just how it has the answers to the problems at the InfoSec show in London. Key data security features Most customers heading to the show will be aware - thanks to the latest McAfee and Symantec market surveys (see panels on pages 14 and 16) - that the issue of securing data is not just full of threats but bears up a few features worth mentioning here. Firstly, targeted attacks are on the rise and much greater vigilance is required; secondly, social networks are now being used extensively to lure people into scams via shortened links; and finally, mobile working is causing plenty of people headaches and all of this is happening at an exponential rate. But helping customers deal with security is not just about chucking a load of products at the problem but crucially, against a back ground of consolidation, to help them manage their defences. "We have seen a sea change in the level of threat over the past year or so, with a huge increase in the number of sophisticated and targeted attacks, and an increasing trend of mobile working as users connect from home and on the road," says Ciaran Rafferty, vice-president UK & Ireland at Sophos. Affordable sophistication "The economic situation - with cutbacks in manpower and resources in all sectors, coupled with the increasing complexity of the threats - means customers are looking for vendors that can offer them products that work to an increasingly high standard to cover all bases and reduce their attack surface, but also deliver real efficiency and cost savings," he adds. That challenge is being addressed across the industry as customers want affordable but highly sophisticated products. Jamie Peacre, UK & Ireland regional sales manager at WatchGuard Technologies, sums up how the market has helped it deliver a strong set fourth quarter results. "Demand continues to fuelled by a common business need, to have affordable and effective security solutions to prevent threats, such as spam, viruses, malware, spyware, as well as to protect against rogue applications, hackers and identity thieves. The list goes on," he says. "Resellers who cover all bases with multi-function, integrated and easy to manage solutions, combined with selective cloud services only where it makes sense, will have the edge in 2011," he adds. Not only do products have to be simple to manage but complex in capability but increasingly the mission customers are giving resellers is to help them secure an ever more mobile workforce. The consumerisation of IT is also feeding through to the workplace, forcing firms to look to their channel partners to help them manage platforms and devices securely. "As employees use their own devices to connect to the corporate network, it is likely the devices are unknown, unsecure and potentially unsupported by their company's IT function," says Nigel Seddon, regional sales director for Northern Europe at LANDesk. With the rapidly expanding use of cloud computing, unauthorised devices such as Smartphones, iPhones and such can also be a conduit through which malware of varying nature could reach that same network. More so now than ever it is imperative resellers recommend the right tools and products to ensure that their customers are always protected against threats," he adds. The growth in cyberthreats But away from talking about the most recent threats, resellers attending InfoSec will be aware that, compared to other parts of the technology industry, security has fared pretty well. "Customers can delay certain non-essential IT spends, but to be lackadaisical in maintaining the required and latest security is a threat to the business. Cybercriminals are launching increasingly sophisticated attacks daily, and the threat landscape is further complicated by the use of an ever-expanding array of mobile devices in the workplace. "As businesses allow the use of these new technologies, they must update their security approach to support these new user requirements," says Ian Moyse, EMEA channel director at Webroot. The growth in awareness around nation-backed attacks - which have become more commonplace since Google announced last year it had been targeted by the Chinese government - means most customers are aware that they are not trying to defend themselves against teenage virus writers anymore. "Most worrying is that these attacks are becoming more and more sophisticated. Technology is evolving fast, but the counter-benefit is that so are the threats," Moyse adds. "Channel organisations need to ensure they are acting as advisors to their customers to stay ahead of the game as much as possible," says David Caughtry, director of core technology at ComputerLinks. "Most of all, these attacks reinforce the message that organisations need multiple levels of security, not just a single solution from one vendor. "This is nothing new; it's all about building a multi-layered security environment from a blend of best of breed vendors. Companies can't afford to put their heads in the sand on this; keeping threats at bay will be a challenge but the industry is constantly evolving and at the end of the day, keeping ahead of new threats is what this business is all about." The need for multiple layers is nothing new, but the sense that they are needed more than ever to keep out criminals determined to gain access to sensitive data is much more palpable now than in the past. "Cybercriminals have gotten smarter, more sophisticated and more financially motivated. They are now well funded, well organised and more proficient at what they do," points out Moyse. "The threat experts at Webroot are seeing up to 100,000 new malware samples daily, and we're seeing an increase in blended threats that employ e-mail and web to lead to infection. However, as cybercriminals are evolving their attack methods, the security industry needs to catch up," he adds. The security industry not only faces the consequences of customers consolidating around fewer products but also need to recognise the challenge of providing products that deliver in the current threat landscape. "Customers currently have to put up with threats that get past traditional security solutions that for a long time have been 'good enough'. Security vendors must step up their game in line with the attackers and adopt new approaches to protecting customers," adds Moyse. Challenge to raise the game His answer is for cloud security to change the game, to deliver consistent protection and manage security on behalf of customers, across any device, anywhere, at any time. There should be some evidence of what is currently being offered via the cloud at InfoSec and there are questions for which the industry will need to find answers for customers concerned that their traditional methods of protection are quite simply now outdated. "Right now, many organisations feel that they are on a burning platform and they don't know which way to turn. They see an increasing number of threats evidenced by weekly news of data breaches, they are being asked to provide more access for their staff, they are under greater regulatory pressure," says Stephen Howes, founder and chief technology officer at GrIDsure. "Doing nothing and burying your head in the sand is irresponsible and not an option. It's important to understand that there will never be a perfect one-size-fits-all solution. Organisations need to choose a solution or a set of solutions that meet the risk they are trying to mitigate, fits their budget, and most importantly is effective and easy to use so it will be accepted by the end users," he says. The channel will be the first point of call for customers looking for that advice but there has to be a difference in the sales pitch, because as the last month shows, the threat landscape is much more dynamic. "Customers should start thinking differently about purchasing security and vendors need to be smarter at selling security. The days of buying and selling the same old big brands at a high prices is over as the blue chips struggle to keep up with evolving threats, especially when that brand can't even protect themselves and their customers," says Stephen Hope, director at Winfrasoft. "In the current economic climate, cost is a huge factor and the equation 'the more I spend the more secure I am' doesn't hold water anymore. Every security penny must be spent wisely and show a true risk/reward benefit," he adds. That message is one that the industry has heard before but needs to act on now more than ever as the world of security enters yet another stage of its history. (c) 2011 Reed Business Information - UK. All Rights Reserved. |