Are you a firewall hugger?
They still exist, apparently, in the enterprise security world. Despite widespread discussion of advanced security threats, and general understanding that mobility, cloud services and virtualization have eliminated any hard and fast definition of a network perimeter, there are still enterprises that assume they are safe behind a firewall.
"There is still the assumption by a lot of security professionals that 'The threat is out there, but we are okay,' " says Chris Richter, senior vice president of managed security services at Level 3 Communications Inc. (NYSE: LVLT), which today formally rolled out its Adaptive Threat Intelligence service. (See Level 3 Launches Adaptive Threat Intelligence and SDN + AI: A Powerful Combo for Better Networks.)
The new service is a cloud-based managed security offering that builds on the work of the Level 3 Threat Research Labs team and its data scientists. It uses constant analysis of network traffic and data, so that the carrier's global Internet backbone can identify malicious activity based on a wide range of known criteria and react quickly to new threats as they emerge.
"Every one of our beta customers has discovered something new and something unusual and in many cases a definite illegitimate persistent connection with an outside server and in some cases compromise" of their networks or data, Richter says. It's not uncommon for similar breaches to be uncovered when Level 3 is demonstrating the capability to potential customers.
The recent revelation of zero-day vulnerabilities with My SQL Database software, something in common usage, underscores the ongoing degree of threat enterprises face.
Many enterprises that think their networks are secured don't take into account the impact of human error, and are also being daunted by the rising cost of security, Richter says.
"You can have the technology in place, but the biggest threat is people and people make mistakes," he notes. Things within a network get reconfigured or added in, without checking to see how it impacts security. And as the cost of providing security strains IT budgets, some companies cut back on their overall security spending.
Level 3 and other operators are finding managed security services to be well-received in this environment and the space is becoming very competitive.
Richter also expects to see enterprises implement procedures around quicker recovery from security breaches, similar to disaster recovery plans for networks or fire drills for safety.
"You are going to see an increase in processes that are almost like DR and emergency protocol process around cyber hacking," he says. Level 3 doesn't offer something like that as part of its services, but does provide professional services and advice on how to set up such procedures.
On the recent activity front, Level 3 is seeing a growing amount of botnet and command-control activity in Asia, particularly South Korea, probably because its economy is booming and its network-compute infrastructure is getting denser, and therefore represents a bigger opportunity for bad actors. The United States is still the target of most malicious traffic, even though very little originates here, Richter noted, because US-based hackers are usually identified and prosecuted.
— Carol Wilson, Editor-at-Large, Light Reading