This article was originally published on Technology.Info.
As part of our continuing strategy for growth, ITProPortal has joined forces with Technology.Info to help us bring you the very best coverage we possibly can.
Theorising what the most important IT security issues to address may be at any given time is always a highly subjective issue, particularly in this world of advocates, specialists and vendors fixated on their own particular pieces of the puzzle.However, inherent bias aside, based on the very nature of layered security and attack escalation there's no question that network security sits at the very heart of it all. While a huge number of threats filter in through Port 80 and other avenues, if network security is properly aligned and continuously adjusted, a lot of problems can be mitigated even if not altogether avoided.
As such, here's a rundown of the most pressing
that remain heavily in play looking ahead into 2014, and for that matter, nearly all year round.Regardless of whatever area of security you're focused on or the specific types of threats you seek to limit, if these specific areas are addressed more effectively, there's much to gain and a lot less to lose.
Gartner notes that after over 20 years as a building block of any security practice, more than 95 per cent of firewall breaches will be caused by misconfigurations through 2018, rather than vulnerabilities.
VIP access laxness
The proliferation of overly-permissive connectivity allotted to legitimate partners continues to prove very dangerous. A quick look at some of the largest data breaches in recent history highlights that organisations must improve their ability to track and control these important pathways into their networks.
Botnets not caught
Botnets undeniably remain a major issue, with malware architects still flexing their muscles by leveraging established beachheads within enterprise networks. A lot of work remains to be done to better police both inbound and outbound traffic and thwart such attacks.
Security orchestration with IT automation
With virtualisation, software defined networking (SDN) and DevOps being adopted at a furious pace to increase flexibility and optimise networks, there remain sizable hurdles for practitioners in keeping controls in lock step with changing infrastructure. Keep your eyes on this one for sure.
For years we've had experts telling us that the rise of mobile malware would become a huge problem very soon... and then nothing happened. Now everyone is attempting to address the great tide of handheld attacks that have finally arrived and this should refocus efforts on keeping internal controls validated to halt attack escalation once these fears become a reality.
These conclusions may not appear to be very landmark, or all that different from those of years past, but this would appear to be the cold hard truth, at least in my opinion.
Matt Hines leads product marketing efforts at network security assessment solutions provider FireMon. Prior to joining FireMon, Hines held similar roles at TaaSERA, RedSeal Networks and Core Security Technologies, and worked for over a decade as a journalist covering the IT security space for publishers including IDG, Ziff-Davis, CNET and Dow Jones & Co.