Security Conundrums 2016....

As 2016 creeps up on us, it is natural (for a security guy) to wonder what technical innovations will present the biggest security challenges next year.

The world of security is an ever evolving environment, facing the challenge of designing and implementing security products and services in the current market can sometimes mean that by the time you have developed it, tested it and released it it's completely irrelevant.

Take BYOD for example, something which was very high on the agenda at the beginning of 2015 is a mere whisper on the wind now, containerised platforms have not developed fast enough to keep pace and caused business leader to ask the question " how do i continue to do business without the need for this clunky over engineered solution". Basically security should be easy, invisible and regularly successful otherwise people will tick the compliance box and forget all about it.

Things like BYOD have been replaced by the magical "Cloud" word - which is basically a deceptive way of saying someone else is managing my servers somewhere else and sharing the box with a whole host of other consumers. The challenge this presents is that we now trust a 3rd party that we haven't vetted for security, with our data in a datacentre that we have no view of access controls on? For most this just means that we adjust where we store sensitive data, unfortunately some don't consider this and the first they will know about security in these areas is that they have been breached.

The focus that i have given to this subject has been surrounded by a desire to provide technology agnostic defence and monitoring across the globe from a central point, this was initially born out of the desire to extend intelligence services to a wide Managed Security Device customer base, not knowing what each of these customers had as security challenges and having to crossover a wide set of technology sets and data formats.

Put simply, a firewall is still a firewall, irrespective of where it is located - this translates well across all these technology types from Web Proxy Devices to File Server Logs and Antivirus - the questions are still the same,

"is this a legitimate connection?",
"did i expect this much data to cross this boundary?,
" should this user be accessing these files?".

The lucky thing for me is that this principle also fits very well in the "Cloud" arena, allowing me to provide security services to companies that use AWS,  Google Cloud, Office 365 and others by simply collecting logging for these solutions and answering the relevant security questions by interrogating that data.

In conclusion, the hot topic in security in 2016 is not one of which technology i choose and how security impacts this technology, but a simple question of "does this new technology provide me with adequate metadata and logging for me to make monitoring and security decisions" inevitably in all instances the answer is yes. the big bonus is that businesses can continue to be agile in their technology choices and continue to be secure by using services which depend on the data outputs from such services.