It’s that time again when many security gurus stop to pause and reflect and what has been – and more importantly what is to come. Those security professionals who can correctly anticipate the impact of sweeping trends, will find themselves better positioned to deal with changes to their job function or duties and as a result will be in a much stronger position to proactively navigate their careers. Perhaps these three insights will help!
1. We’ll get a glimpse of the ‘Internet of Things’
What does that mean? We’re on the cusp of technological advancements that sci-fi movie fans have so far only dreamed of! I believe we will witness a level of industry-wide cooperation, coordination, and partnership that has never occurred before, to facilitate the successful transition to IPv6. In addition to massive infrastructure modifications and constant testing, the transition itself is a highly technical endeavour What is undeniable is the vision behind IPv6 matches the effort it will require to get there.
Commonly referred to as an “Internet of things”, IPv6 adoption (and the 340 billion IP addresses it brings) promises a world where every physical object is linked up to the Internet and able to communicate with every other object. Running out of daily necessities, such as a pint of milk, will be confined to the history books as the fridge will be capable of ordering supplies online. However, getting to that point will not be an easy task.
Over the next 12 months, we will witness the formation of “IPv6 islands” within larger IPv4 networks. These pure IPv6 subnets will help the industry to mature. Vendors will introduce support for IPv6, and network engineers will gain knowledge about its architecture, routing, and security. In addition, human and financial resources will be dedicated to moving IPv6 forward.
To date the transition from IPv4 to IPv6 has been slower than expected, but it is suddenly accelerating. The reason it is being fuelled now is the depletion of IPv4 internet addresses, with just four billion left in existence! For that reason, I predict 2013 will be a year of significant experimentation and learning and, while it’s unlikely that the complete “Internet of things” will manifest itself in a dramatic way over night, the infrastructure upgrades required to make that happen will evolve significantly. Hold on to your hat!
2. The focus of IT will change from provider, to service delivery
In recent years we’ve seen applications become the lifeblood of the modern enterprise. How long could a brokerage last if its customers could not access its e-trading application? Imagine the chaos on the wards if doctors and nurses can’t access patient records? What if your company’s payroll application crashed and you couldn’t get paid!
It is this kind of dependence on applications that, I believe, will drive the change of corporate IT to be less focused on providing and maintain the infrastructure (although this will still be important) and focus attention on service delivery.
We’ve already started to see this with some progressive organisations – for example, the rise of web-based applications and cloud-based, “as-a-service”, business models. Although cloud computing has changed how and what enterprises outsource, in 2013 we will see the ripple effect hit internal IT organisations. New departments, such as application operations and application development will start to infiltrate the organisation.
Change processes will span across departments including application development, IT operations, and network security. To become more agile and responsive, enterprises will need to improve communications between the various groups within IT and will likely rely on process automation and other technology-driven solutions to expedite this shift.
3. Firewalls will be embedded within network infrastructure
Canalys Research estimates the IT security market at $22 billion in 2012, and growing by 8.7 percent each year. Technology vendors want to go where the money is so we can expect many to expand into security. For network infrastructure providers, the firewall becomes an obvious point of entry.
While the enterprise firewall market is already saturated it is far from stagnant. New firewalls continue to be introduced, enhanced unified threat management systems (UTMs), and the incumbent firewall vendors have developed their own NGFWs.
In 2013, I believe, this trend will accelerate. Companies from various domains will introduce their own firewall, each with enough razzamatazz to secure adoption – how much will vary. In tandem, I think enterprises will find themselves with an increased set of management challenges, not least that they’ll now have far more firewall ‘flavours’ to choose from.
Overall, I see innovation and progress to upgrade infrastructure, improve architecture, and design as the drive behind major shifts within and outside the realm of IT security over the next 12 months. To that I would like to add a word of caution.
Rather than just adding more to the melting pot, I think organisations will need to streamline the unavoidable resultant complexity, and leverage the expanded set of infrastructure offerings, if they’re to succeed in “future-proofing” their networks. They’ll need to if they’re going to survive the onslaught of cyber-attacks, rise to the challenge from increasingly complex compliance, prepare for the transition to IPv6, and deliver improved application services.
Twenty Thirteen – Bring it on!