![DR Technology Logo DR Technology Logo](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt4c091cd3ac9935ea/653a71456ad0f6040a6f71bd/Dark_Reading_Logo_Technology_0.png?width=700&auto=webp&quality=80&disable=upscale)
News, news analysis, and commentary on the latest trends in cybersecurity technology.
8 Security Dinosaurs and What Filled Their Footprints
Security technology has to evolve as new threats emerge and defenses improve. Here is a look back at the old breeds that are dying out.
February 2, 2022
![Toy stegosaurus and triceratops watch on a laptop as toy T. Rex attacks another stegosaurus Toy stegosaurus and triceratops watch on a laptop as toy T. Rex attacks another stegosaurus](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt01107c2945c4aa0f/64f150f163b06d892ab98715/dinosaurs-CharlesTaylor-AdobeStock.jpg?width=700&auto=webp&quality=80&disable=upscale)
Source: Charles Taylor via Adobe Stock
Cybersecurity technology is always evolving because the bad guys zig when defenders zag, and new technology and infrastructure is the name of the game in IT, constantly forcing tech revisions on the defensive front. Given this fundamental state of flux, it should come as no surprise that the security world is full of tech dinosaurs on the route to extinction, typically in one of two major fashions. Either they slowly die off in favor of gradually evolving alternatives — sometimes really slowly, as with the generations-long die-off of tape backup — or they experience a big-bang extinction caused by major shifts, such as the sudden rush to remote work wrought by lockdowns that has sped up the demise of enterprise VPN.
Either way, the following security technologies are going, going, gone.
Dying Out: Secure Email Gateway
Evolving To: Native Email Security
Forrester Research analysts out-and-out told the market that secure email gateways are "slowly becoming dinosaurs as customers turn to the native security capabilities of cloud email infrastructure providers like Google and Microsoft," in the recent "Forrester Wave: Email Enterprise Email Security" report. This is a classic case of the main features from a security product getting baked in as a component of the technology it was designed to protect. That's really the way security improvements are supposed to work. Forrester says that security professionals are supplementing native capabilities with third-party solutions, like cloud-native API-enabled email security.
Dying Out: Authentication Token Key Fobs
Evolving To: Authenticator Apps, Yubikey
There was a time where authentication token key-fob devices were the gold standard for burgeoning two-factor authentication (2FA) applications. But even in the heyday of key fobs like RSA SecureID token code generators, they simply weren't very easy or flexible to use. With a diverse array of affordable and mature options available that range from simple authenticator apps to physical devices evolved for frictionless use in the mobile age, devices popping up auth codes to be entered into a device are going the way of the pterodactyl.
Dying Out: Tape Backup
Evolving To: Cloud Backups, Disk
The IT industry has been arguing over the death of tape since before the latest generation of hackers were in diapers. Tape has persisted because it is an affordable, portable, and stable known commodity — pretty good attributes for a data retention medium. However, it's notoriously slow to recover data from tape, and as the price of disks have gone down dramatically and cloud models have changed, the economics of business continuity have shifted considerably over the past decade. Certain tape traits, such as offline capabilities that can offer ransomware resilience, may keep it a living fossil for a while yet, but for many organizations it is increasingly turning into a very niche solution.
Dead: Secure Sockets Layer (SSL)
Replaced By: Transport Layer Security (TLS)
It took many years, but at this point SSL encryption is now firmly in the rearview mirror for the vast majority of major websites. The "2021 TLS Telementry Report" from F5 Labs found that at this point, only about 2% of sites are still hanging on to SSL v3. Meantime, it has been a slow push to get everyone on the same page with the most secure TLS1.3. The report shows that TLS1.3 has reached critical mass as the most-used protocol, present in 63% of the top 1 million Web servers. But there are plenty of sites that are still aren't using it. In some countries like China and Israel, just 15% of servers support TLS1.3.
Dead: BlackBerry
Replaced By: iPhone, Android
There was a time when BlackBerry smartphones were the primary mobile device operating on enterprise networks. At first it was because they were the only viable technology, and then because they were the only ones secure enough to meet corporate standards. The advent of the iPhone and, subsequently, the Android provided a rolling lesson to security policy practitioners (and vendor strategists) on the importance of balancing usability with security. Research in Motion's inability to keep up with user-friendly, reliable features that created the iPhone juggernaut put BlackBerry devices on the course to extinction, which came to an end this month when the company announced it would no longer support its phones as it shifted to other parts of the mobile market.
Dying Out: SIEM
Evolving To: XDR, SOAR
There has been no major extinction event for the security information and event management (SIEM) market so much as just many paths of evolution that pop up to satisfy SIEM's unfulfilled market promises over the years.
"SIEM should have been about managing discrete forms of data from a wide variety of devices and logs — endpoint and network — to allow for building robust detection. What SIEM became was data normalization tied to storage costs," explains John Bambenek, principal threat hunter for IT operations firm Netenrich.
He adds that extended detection and response (XDR) is a repackaging of evolved technology to do what SIEM promised when it broke into the market years ago.
"We are just starting to develop robust detections that can correlate endpoint, network, and cloud behavior to finally realize the promises we've been making for almost 15 years," Bambenek says.
Dying Out: VPN
Evolving To: Zero Trust, SASE
The writing has been on the wall for a while about the diminished role virtual private networks (VPNs) would play in supporting remote work in an era of distributed cloud computing. VPNs are a product of an on-premises, network-centric world, and it was only a matter of time before newer security technology, like zero trust — aided by software-defined WAN (SD-WAN) and secure access service edge (SASE) — led the way in providing secure and user-friendly access. Pandemic lockdowns forced the issue at many organizations that couldn't easily scale VPN to provide secure access to their suddenly remote workforce, accelerating the demise of VPN at many organizations.
Dying Out: NAC
Evolved To: Zero Trust, CASB, SASE, UEM
In a lot of ways, the goals and promises of network access control (NAC) when it first hit the market over a decade ago were overly ambitious for what the technology could do. Simple pre- or post-admission policy checks to ensure up-to-date antivirus deployment on an endpoint were about the extent of things early on. When some implementations layered on agent-focused approaches and more strict policy enforcement based on user behavior, a lot of NAC deployments went sideways because the policy decisions and management fundamentals to implementing the technology were notoriously difficult to get right and could introduce a lot of user friction.
Nevertheless, the need to bring sanity to access control is as strong as ever, which has fueled the persistence of NAC thus far. But in the intervening time, cloud models have rerouted the pathways to sensitive data, and tons of security alternatives for enabling safe controls — both on-premises and off the network — have proliferated. NAC's various value propositions are filled in half-a-dozen cloud native categories that are more future-facing, including zero trust, SASE, UEM, and CASB.
Dying Out: NAC
Evolved To: Zero Trust, CASB, SASE, UEM
In a lot of ways, the goals and promises of network access control (NAC) when it first hit the market over a decade ago were overly ambitious for what the technology could do. Simple pre- or post-admission policy checks to ensure up-to-date antivirus deployment on an endpoint were about the extent of things early on. When some implementations layered on agent-focused approaches and more strict policy enforcement based on user behavior, a lot of NAC deployments went sideways because the policy decisions and management fundamentals to implementing the technology were notoriously difficult to get right and could introduce a lot of user friction.
Nevertheless, the need to bring sanity to access control is as strong as ever, which has fueled the persistence of NAC thus far. But in the intervening time, cloud models have rerouted the pathways to sensitive data, and tons of security alternatives for enabling safe controls — both on-premises and off the network — have proliferated. NAC's various value propositions are filled in half-a-dozen cloud native categories that are more future-facing, including zero trust, SASE, UEM, and CASB.
Cybersecurity technology is always evolving because the bad guys zig when defenders zag, and new technology and infrastructure is the name of the game in IT, constantly forcing tech revisions on the defensive front. Given this fundamental state of flux, it should come as no surprise that the security world is full of tech dinosaurs on the route to extinction, typically in one of two major fashions. Either they slowly die off in favor of gradually evolving alternatives — sometimes really slowly, as with the generations-long die-off of tape backup — or they experience a big-bang extinction caused by major shifts, such as the sudden rush to remote work wrought by lockdowns that has sped up the demise of enterprise VPN.
Either way, the following security technologies are going, going, gone.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024