World War Z: Security Solutions Treat Symptoms, Not Causes

The public loves movies and TV shows about the living dead, but when it comes to IT security, zombies (or bots) remain a source of growing concern. Then there’s the whole issue of Big Brother spying on us. Between malware and breaches by cybercriminals, staff and partners, or governments, security is generating a lot more attention. Another issue is that we’re very good at treating the symptoms, at least once they’re discovered, but not so good at dealing with the root causes.

In medicine, it’s understood that if you only treat the symptoms and don’t understand the cause of a virus or infection, the treatment will only be marginally successful, if at all, said Tom Stitt, Director of Product Marketing, Sourcefire, the security vendor just acquired by Cisco. In a recent interview he added that unfortunately, many vendors have ignored this reality when dealing with malware.

IT security is a mess. Of the 621 confirmed data breaches and more than 47,000 security incidents included in the Verizon 2013 Data Breach Investigations Report, large-scale financial cybercrime and state-affiliated espionage dominated the security landscape in 2012. Additionally, the compromise-to-discovery timeline continues to be measured in months and even years, as opposed to hours and days, and third parties continue to detect the majority of breaches (69%).

According to a recent report, the IT security market will grow at a CAGR of 9.29% over the 2012-2016 period, and cloud will play an increasingly significant role. In addition to Cisco, the key vendors include EMC Corp., Fortinet Inc., Hewlett-Packard Co., Juniper Networks Inc., McAfee Inc., Palo Alto Networks Inc., Symantec Inc., and Trend Micro Inc. The almost 10% rate is more than double the 4% increase overall IT budgets will see in 2014.

The demand for cloud-based security solutions is increasing in large part because companies find it difficult to manage standalone or integrated network components, given budget constraints and a lack of resources and expertise to address security issues. The report said they are increasingly opting for cloud-based IT security solutions, which are cost-effective, compliant with PCI DSS, and offer round-the-clock monitoring of the system.

A new survey reports that 41% of respondents plan to increase their security budgets in 2014, a 16% increase compared to the number of budgets that rose in 2013. About two-thirds of the respondents said they are now more concerned with security, following media reports of breaches and leaks, but only large organizations with more than 1,000 employees are planning to improve IT security controls.

Another new report finds that tech giants like Facebook, Google, and Microsoft are beefing up their security measures to counter government spying. According to Cyber IT, budgets are expected to increase from $65 billion this year to $93 billion in 2017, and last week, Microsoft confirmed that they plan to step up their cyberdefenses to counteract the NSA.

At the end of the day, security is “a whack-a-mole process, addressing the symptoms of an infection”, said Stitt. However, technologies have evolved to be more effective at addressing root causes rather than just symptoms, and this paradigm shift is moving security from its detection focus to more of a control mindset, where detection is just part of the process to understand the cause.

The evolution from the existing arms race and bolt-on approach to security includes such elements as leveraging Big Data to capture data over time, offloading a lot of the heavy lifting of analysis to the cloud, and the ability to look back at things retrospectively, said Stitt.

Cisco completed the $2.7 billion acquisition in October, with the focus on delivering threat-centric security solutions. Reporting to SVP Chris Young, Sourcefire’s Martin Roesch was named VP and chief architect of Cisco’s Security Business Group.

Back in July, shortly after the acquisition was announced, Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group, gave Cisco a lot of credit on this one. “By grabbing Sourcefire, Cisco management was in effect admitting that information security needed to be a much bigger part of its overall strategy and that it couldn’t achieve this goal in a timely manner with its existing portfolio of security products.”

During its F1Q 2014 earnings call a couple of weeks ago, Cisco Chairman and CEO John Chambers said security revenues grew 8%, with particular strength in network security, up 12%. The company closed the Sourcefire acquisition on October 7th and is already seeing the benefits of a focus and the assets it acquired, he added.

“Security is our customers’ top priority and according to them, we may be the only company capable of providing the full architecture they need to address their security challenges,” he said. “We’re off to a good start and it’s up to us to execute on this architecture.”

Chambers has big plans for security in Cisco’s future. “We planned to leverage our acquisition of Sourcefire to achieve our goal to become the number one security company and drive new product platforms and architectures like CRS-X, NCS and ACI to build multi-billion dollar business at Cisco.”

 

Author: Steve Wexler
