7 Hot Security Terms (and Buzzwords) to Know
The way the security industry talks to itself is constantly changing, and its latest terms and buzzwords point to where the technology is heading.
March 6, 2017
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt0abd903808f762ee/64f0d8503c6bc15e0ee18da5/01-buzzwords.jpg?width=700&auto=webp&quality=80&disable=upscale)
It's tempting to dismiss buzzwords as slang-y, cliché, and overused (and they are … literally). But in the security industry, both buzzwords and the latest terms the industry has coined to describe a new technology or put a new spin on an old one also provide barometer-like clues of where the industry may be heading. What it's excited about. Or how it sorts the jaded veterans from the newbies.
There were plenty of examples of the latest terms and buzzwords in full view at the RSA Conference in San Francisco last month. Here's a look at some of the more prolific ones seen and heard there; it's not an exhaustive list, so we're counting on you to help us embellish it. What did we forget? Please let us know in the Comments section.
No, it's not a new way to eat or carry water from the well. Bucketizing, according to a security marketer who coined the term, is a willful segmentation of hardware functions, including security. A bucketized piece of equipment is supposed to give customers more choices and flexibility.
So rather than functions that are integrated in silicon or consolidated from a management perspective, bucketized features are more modular. And they are likely to start popping up in invoices for security products and services. Bucketize is a descriptive if inelegant word, and probably has more marketing wallop than "mix-and-match." But keep an eye out for it in high-end networking platforms and switches, where multiple functions and processes (including security) could benefit from bucketizing.
There was plenty of talk about machine learning at RSAC. Machine learning, of course, is that process whereby a computer program changes based on data it's receiving, but without any explicit, new development work. Given the rapidly changing threat landscape faced by most infosec professionals, machine learning could be a godsend for security applications.
Where the machine learning conversation starts to go off the tracks is when the term gets used interchangeably with artificial intelligence. Machine learning is a subset of AI, but not a synonym. "AI focuses more on interacting with people or on human-type interfaces, where machine learning is more in line with large data analysis looking for trends and uncovering anomalies in huge datasets," explains Dave Dufour, senior director of security architecture at Webroot. And that's why so many people in security are talking about machine learning.
Micro-services wasn't on everybody's lips at RSAC, but this offshoot of software development that's used in service-oriented architecture (SOA) could transform security on multiple levels. In a nutshell, micro-services decouples the kernel, the operating system, and the application language from one another. Tools like Docker allow developers to perform this software sleight-of-hand and yet still create code that runs.
Why should security professionals care? Encryption vendors like Thales e-Security foresee each of these levels of software (kernel, OS, application) not just being decoupled but also encrypted. That sort of innovation, if it can be made to work and properly scale, would seriously complicate the job of hacking and writing malware, explains Sol Cates, vice president of technology strategy at Thales.
Most security experts agree that the protection model in which a smart firewall divides users into trusted and untrusted groups has started to show its age.
Multiple vendors at RSA were talking about a new security model built around the idea of compartmentalization, according to Chris Vickery, a researcher with MacKeeper Security Research Center. This new model jettisons the old binary of a trusted inner network coupled with an untrusted external network, Vickery says. "What vendors at RSA were describing was compartments that don't trust each other, similar to a honeycomb," he adds. The only part of the network that's trusted is inside a single compartment.
But at least in its earliest iterations, compartmentalization takes a toll on performance from the server to the desktop, tablet, and smartphone. "I can't imagine many company execs would be convinced that the impact on work speed would be worth the extra security," Vickery says. Users probably wouldn't be too keen on it, either. But if vendors can make the security flow of compartments more efficient, it could mean a powerful new weapon in the enterprise security arsenal.