As December rolls in and 2012 looms on the IT security horizon, Tufin Technologies – the security lifecycle management specialist – has come up with its top five security predictions for the year ahead.
According to Michael Hamelin, chief security architect with Tufin, the predictions – and recommendations – represent the considered thoughts of his research team, who develop leading edge solutions covering a variety of areas, including PCI DSS compliance and automatic security policy generation strategies.
Tip #1 is on the subject of firewall operations, with the prediction that next generation firewalls will continue their strong adoption by mid- to large-size organizations. As a result of this trend the operations management challenges of multi-vendor firewall environments as calling for increasing levels of automation of daily change management tasks.
Tip #2 covers the area of firewall compliance and auditing – a key requirement in the increasingly regulated IT security space we now live in. Continuous compliance will become essential for many more organizations that are striving to keep an always-compliant security status, without waiting for a third party auditor to carry out an annual check,
Tip #3 will see CIO’s needing to show their CEO’s – and their board of directors – a 360-degree and holistic report on the state of their organization’s IT resources that clearly outlines the business’s network security status.
Regulatory compliance requirements – particularly in the PCI DSS space – and the consequent legal implications, will drive more companies to automate their network security audits and rely less on periodical audits.
Tip #4 also covers the firewall compliance and auditing domain – and even those organizations who are not bound to the need for direct regulatory compliance standard will still adopt standards like PCI DSS as a methodology to create a robust network security framework.
Tip #5 involves the field of security change automation. Organizations will embrace even more workflow and ticketing solutions designed to provide a comprehensive pro-active risk plus compliance analysis process.
Taking this path will allow hard-pressed IT security staff an easy way to achieve a robust continuous compliance process.
“Although it’s been 23 years since the first worm – the Morris worm – appeared on November 2, 1998, a lot more has happened in the malware arena in the last two years then the first 21 years. This escalating change in the threat landscape is something that drives the need for comprehensive security ever-forward,” he said.
“And it’s for this reason that we’ve come up with our top five security tips for 2012, which we sincerely hope will assist IT security professionals in planning their defense strategies for the year ahead, which promises to be a challenging one for all concerned,” he added.