Making the Case for Managed Security Services
By Tom Schmidt
How vital has managed security become to today's enterprises? Given the need for quick and effective protection against today's emerging threats, it could be argued that managed security is more important than ever before. According to leading analyst firm IDC, the managed security services market is expected to reach $2.9 billion this year.
"The MSSP [Managed Security Services Provider] market is anticipated to grow incrementally as organizations take a more proactive approach to network security," said Allan Carey, program manager of IDC. "More organizations will look to managed security services providers that offer integrated security solutions and services."
This article examines how the increase in Web-based application and browser vulnerabilities, along with the rise of zero-day exploits, is prompting more and more enterprise IT organizations to outsource their security management, monitoring, and response needs. It also shows how an MSSP helps an organization focus on its revenue-generating core competencies, while ensuring that its information assets are secure and available.
The rise of cybercrime
The new Internet security threat landscape is increasingly dominated by attacks and malicious code that are used to commit cybercrime. Emerging threats such as bot networks and customizable modular malicious code are coming to dominate it, and targeted attacks on Web applications and Web browsers are increasingly becoming the focal point for cybercriminals. Whereas traditional attack activity has been motivated by curiosity and a desire to show off technical virtuosity, many current threats are motivated by profit. They often attempt to perpetrate criminal acts, such as identity theft, extortion, and fraud, for financial gain.
One aspect of the threat landscape that has attracted significant attention concerns new vulnerabilities. Between July 1 and Dec. 31, 2005, 1,896 new vulnerabilities were documented, a slight increase over the first half of the year, according to the Internet Security Threat Report. For the year as a whole, however, the total was the highest reported since the vulnerability database was established in 1998. There were 3,767 vulnerabilities documented in 2005, compared to 2,691 in 2004, an increase of 40%.
This growth has been driven primarily by an increase in discovery and disclosure of vulnerabilities in Web applications. Some 69% of the vulnerabilities documented in the second half of 2005 affected Web applications. The increased focus on Web application vulnerabilities reflects the shift toward the Web as a platform for applications. Many applications that were once stand-alone software suites or client-server solutions are now being implemented as Web applications.
At the same time, browser vulnerabilities continue to be a serious security concern, particularly due to their use in online fraud and the propagation of spyware and adware. With the Web browser becoming a more critical and ubiquitous application than ever before, organizations need to understand how various browsers -- Microsoft Internet Explorer, Mozilla Firefox, Opera, Apple Safari, and KDE Konqueror -- are being targeted by attackers.
The window of exposure
Not only are Web-based application and browser vulnerabilities increasing in importance, but the window of time between the disclosure of vulnerabilities and the appearance of third-party exploit code designed to take advantage of them continues to narrow. For example, during the second half of 2005, the average time for exploit code development was just 6.8 days.
Of course, when vulnerabilities are announced, the vendor of the affected product must develop and release a patch. During the second half of 2005, the time to patch was, on average, 49 days. This means that, on average, seven weeks elapsed between the publication of vulnerabilities and the release of an associated patch. During this period, computers hosting vulnerable applications were exposed to potential compromise.
Being proactive
If organizations only needed to protect against known threats, the situation would be much simpler. Unfortunately, with attacks today being launched against vulnerabilities that are as yet unknown (i.e., zero-day threats), traditional methods of protection are largely ineffective. Today's threat landscape has evolved to the point where securing information assets from internal and external threats has become a highly complex IT function, demanding significant investment in expertise, systems infrastructure, and 24/7 oversight. That's not a very attractive proposition for any organization.
By providing proactive, "behavioral" prevention technologies, a Managed Security Services Provider can automatically block unknown threats against system vulnerabilities. In certain instances, an MSSP can even predict how vulnerabilities might be exploited; in other instances, it can predict a potential outbreak based on patterns of suspicious activity. A good MSSP can be likened to a meteorologist. It can see patterns emerging, predict that a storm is coming, and therefore alert people so they can act before the storm causes damage.
The bottom line is that the increasing sophistication of today's threats has made the traditional approach of deploying "best-of-breed" solutions insufficient for the kind of split-second, manifold response necessary to keep a network up and running.
An effective MSSP will integrate security, combining advanced virus protection, firewall, spam/content filtering, intrusion detection, and vulnerability assessment into unified, interoperable solutions. The goal is an information management solution that can reduce disruptions, increase uptime, enhance responsiveness, and improve productivity and decision-making.
Conclusion
Today's enterprises face a number of barriers to achieving and maintaining effective security. They include:
- A shortage of qualified security professionals
- Increasingly sophisticated cyber threats
- A lack of resources and infrastructure to support a 24/7 security program
- The increasing complexity of security technology
- A lack of time to focus on persistent security management and operational tasks
As a result, many organizations that manage security in-house are looking for alternatives to overcome these barriers. They require a way to maintain a strong security posture while focusing on core, revenue-generating operations. Outsourcing information security tasks, analogous to outsourcing physical security, is becoming an increasingly attractive option. With the right security partner, an enterprise can realize significant savings while markedly improving its overall security posture.
Tom Schmidt writes frequently about information security topics. He has more than 15 years' experience as a writer and editor in high-tech publishing.