Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/15/2014
09:09 AM
50%
50%

5 Security Services To Consider In 2014

Managed and cloud security services will continue to grow this year; companies should focus on a few mature, or maturing, offerings

With security expertise continuing to be in short supply, managed and cloud services will play a greater role in securing companies in 2014.

Benefiting from the knowledge of managed security service providers -- or the built-in expertise in existing cloud security services -- can help nontechnical companies build the infrastructure needed to stay secure. For more security-savvy companies, service providers can take over the day-to-day security drudge work and allow internal security teams to focus on bigger security issues that may be affecting the company, says Neil MacDonald, a vice president and fellow at business-intelligence firm Gartner.

"If I'm an organization with limited resources, I would rather free up my security team's time to focus on more advanced threats rather than the more routine things like log monitoring, firewall management, and vulnerability management," he says.

Whether a company pursues a managed security service, a cloud security service, or some hybrid with its existing capabilities depends largely on its own expertise and whether the organization already uses the cloud for existing business processes, says Rob Ayoub, research director for NSS Labs, a security consultancy.

"A lot of it depends on how they are using the cloud," he says. "Are they using the cloud as an extension of their existing infrastructure? Or are they using the cloud and consuming services from the cloud as a way to expand their security capabilities or maybe because they do not have the in-house expertise?"

Whatever may be the case for your company, the following services could be in your future this year.

1. Cloud Asset Control
Most companies do not know how much they rely on the cloud, frequently underestimating the number of cloud services being used by employees. From its own customer data, for example, cloud-management provider Skyhigh Networks has found that the average firm uses approximately 550 cloud services.

In the past few years, a number of startups -- such as CloudPassage, Netskope, and Skyhigh Networks -- have focused on the problem of taming the wild and varied adoption of cloud services. These cloud-application visibility services allow companies to discover what services they are using, the risk those services pose, and then manage the threat, says Jim Reavis, co-founder and CEO of the Cloud Security Alliance.

"These types of services give you a pretty good visibility into what cloud services are in use, and allow companies to take the next step and implement controls," he says.

2. Log Management To Incident Detection
Many companies already use a service provider to collect and manage logs, archiving the data for compliance purposes. With an increasing focus on network and business visibility, companies need to turn those logs into information on what is happening in the network.

The category actually covers a spectrum of services, from log management to security information and event management (SIEM) systems to big data analytics. Once companies have their log monitoring in the cloud, there is no reason not to look at analyzing the data, Gartner's MacDonald says.

"They can essentially tell you if you have been compromised," he says. "That can be intensely interesting, especially if you are a smaller organization and you don't have the resources to build a security operations center."

[Companies need cloud providers to delineate responsibilities for the security of data, provide better security information, and encrypt data everywhere. See 5 Ways Cloud Services Can Soothe Security Fears In 2014.]

Eventually, a focus on detection will turn into a focus on response and shutting down attackers, making incident-response services -- such as what may come from FireEye's purchase of Mandiant -- likely to grow significantly over the next few years

3. Identity Management
As companies rely on an increasing number of cloud providers, managing access to those services has become more complex. Identity and access management in the cloud makes a lot of sense for firms that use a large number of cloud services, CSA's Reavis says.

"There is a real risk that employees duplicate their identities out on the Internet, and that raises the risk of a lateral attack, where a breach at one provider allows attackers to breach the employee's other accounts," he says.

4. Encryption
The revelations that the U.S. National Security Agency is collecting massive amounts of data from the Internet has caused more companies to pay attention to how their data is secured in the cloud. While locking down data at rest with encryption is a good idea, especially when it is outside the firewall, many companies had been relying on the security of their storage providers to protect the data.

While a number of cloud services focus on encrypting data in cloud services, such as CipherCloud and Voltage Security, the market is still nascent. That will likely change this year, as cloud services focusing on encryption and access-management grow, NSS Labs' Ayoub says.

"I think identity and encryption are the two areas where we will see a lot of adoption this year," Ayoub says. "We need to focus on protecting who's accessing the data, and we need to focus on protecting the data."

5. Security Testing In The Cloud
Many companies have to focus on securing their software, not just their networks, whether the software is internally developed or comes from third parties. Outsourced application testing or application-testing in the cloud are able to find the most common bugs, help train developers, and hold third-party software firms to a standard security assessment.

"Application security testing is more difficult work, but it is becoming better understood," Gartner's MacDonald says. "By using one of these vendors to test their applications or require that their supply-chain partners to test their applications, they can enhance their security."

A number of companies offer application testing and assessment services in the cloud, including Cenzic, Cigital, Veracode, and Whitehat Security.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ... View Full Bio

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
Derek Manky, Chief of Security Insights and Global Threat Alliances, FortiGuard Labs,  7/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-3931
PUBLISHED: 2020-07-08
Buffer overflow exists in Geovision Door Access Control device family, an unauthenticated remote attacker can execute arbitrary command.
CVE-2020-15600
PUBLISHED: 2020-07-07
An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
CVE-2020-15599
PUBLISHED: 2020-07-07
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
CVE-2020-8916
PUBLISHED: 2020-07-07
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We recommend updating, or to res...
CVE-2020-12821
PUBLISHED: 2020-07-07
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.