Source: Network World | Opinion Article by Jon Oltsik | January 5, 2017
Cloud, IoT, mobile, and digital transformation will place new demands on usability, scalability, and enterprise-class features of cybersecurity analytics and operations products
It’s no surprise that lots of pundits and cybersecurity industry insiders claim that 2017 will be a challenging year full of nation-state attacks, ransomware, and a continuing wave of data breaches. I concur with this common wisdom, but I also believe that 2017 will be remembered as the year when cybersecurity analytics and operations encountered a wave of unprecedented scale.
Now I know that the need for security scalability is nothing new. Leading SIEM vendors can all talk about how they’ve had to rearchitect their products over the past few years to scale from thousands to millions of events per second (EPS) and somehow make sense of all this activity.
Yup, EPS growth will continue, but cybersecurity scale is about to hit an exponential curve, driven by things like:
Cloud utilization. ESG research (and other sources) indicates that more and more workloads are moving to public and private clouds. What’s more, the use of agile development, DevOps, and cloud computing renders all computing a temporary activity. Workloads are spun up, spun down, and replaced on the fly as needs and whims dictate. Containers will also become more mainstream in 2017 and will only accelerate these trends. Somehow security teams must be able to keep up with (i.e., monitor, audit, investigate, etc.) all this activity.
IoT. Forecasts I’ve read suggest that there will be over 20 billion connected devices by 2020 and industries like energy, health care, manufacturing, and retail are actively deploying IoT applications. This means transient connections of thousands of sensors, actuators, gateways, and data collectors that need to be authenticated and monitored.
Network growth. There are lots of angles here. Physical networks and network backbones are expanding from 10Gb to 40/100Gb. The transition from IPv4 to IPv6 continues. Cellular networks are being upgraded while IoT devices are driving greater Wi-Fi bandwidth and proliferation. Simply stated, there’s more traffic, sessions, packets, flows, and protocols to keep an eye on.
Digital transformation applications. Beyond the technology alone, more organizations are using these technologies to revolutionize how they do business. Whether it’s automated manufacturing, self-driving cars, or smart grids, we are using and trusting a cornucopia of technologies to a greater degree.
These and other parallel trends are driving massive growth in the amount of data we need to collect, process, analyze, and store for cybersecurity analysis and operations. Oh, and more data, analysis, and decision making also make cybersecurity far more complex.
In my opinion, the need for massive cybersecurity scale has some serious repercussions on the industry...