My special guest this week is Shlomo Kramer, serial security entrepreneur, angel investor, CEO of Cato Networks and a keynote speaker at the Channel Partners Conference & Expo in Las Vegas (which is just 88 days away). Kramer’s 2016 predictions reveal opportunity for channel partners, and not just those with security expertise in-house.
Before we jump in, though, a quick look at the business case for security, thanks to a new report from our 451 Alliance partners: It’s all about the bucks. Nearly half, 45 percent, of 910 members of the 451 Global Digital Infrastructure Alliance surveyed expect their organization’s IT security spending to increase over the next 90 days. That’s up 8 points since the previous survey in June. Only 4 percent say spending will decrease. Spending growth is greater among large and midsize organizations than smaller ones, defined as having fewer than 250 employees, and in the healthcare and retail verticals.
Turning it over to Shlomo now.
Prediction: Network and security admins will kick their hardware addictions in favor of cloud.
The dissolving network perimeter has created severe challenges in terms of capacity, manageability, adaptability and coverage of IT security appliances. In 2016, businesses will realize that to address these challenges they’ll need to reduce their reliance on security appliances and cut down on “appliance sprawl.” Why? Because they need to securely support an increasingly cloud-centric and mobile-first workforce — a strategic goal that is not aligned with an appliance-based network security model designed for fixed locations and a static employee base.
A new generation of cloud-based services will offer solutions providers better threat visibility, shared intelligence across customers and agile software that enables rapid adaptation to emerging threats. For the first time, we can offer customers an alternative to disjointed, on-premises hardware-based security solutions. But remember — more use of cloud demands better connectivity. With MPLS being cost-prohibitive for midsize companies, and unmanaged Internet connections too unreliable for business-critical applications, customers will need advice on provisioning high-quality but affordable WAN connectivity.
Opportunity: When selecting the cloud equivalent of a UTM appliance to resell, look for enterprise-grade security that enforces a unified policy across all locations and users and is able to scale easily. For connectivity, look for a platform that optimizes traffic not only at the edge, but along the full route, between customer office locations and carriers or cloud providers. I consider SD-WAN only a partial solution, because the public Internet link is still unmanaged. This means that even after optimization, customers are still subject to packet drops and high latency, which are not good for business-critical or latency-sensitive applications. SD-WANs do work well in a scenario where the customer (often a large enterprise) uses MPLS and wants to augment it with an Internet link.
Prediction: The security skills shortage will force midsize enterprises to call in help.
Small businesses and mid-level enterprises, in particular, do not have the security resources or the skilled staff to combat advanced threats. Historically, these organizations have invested in point solutions to automate some aspects of network security, but these products tend to be costly and time-consuming to manage. In 2016, I believe customers will write off on-premises tools in favor of converged managed services that bundle both strong security capabilities and expertise. Just as SaaS leveled the playing field for small companies that could suddenly afford enterprise-class CRM, these bundles help businesses achieve competencies and erect defenses that were previously available only to large enterprises.
Opportunity: Think beyond the box and consider cloud-based managed services for functions including firewalls, URL filters and WAN optimization. Cato Networks does have a partnership program, which is a key element for us.
Prediction: Attackers will target employees using mobile tactics.
Tried-and-true attack vectors like spear phishing over email will never go away as long as they continue to work. But mobile-based threats will grow in sophistication, with a continued focus on defeating app-store vetting processes by attacking the developer supply chain and support systems.
Opportunity: Few midsize customers have internal app stores. Even if they use MAM/MDM systems, deciding what to whitelist and responding to user requests is time-consuming. The answer is making public app stores safe. Both Apple and Google need to consider the app-developer supply chain and tighten their defense systems before apps reach the marketplace. Partners need to warn customers to be vigilant for employees doing so-called “side-loading” of apps, the common term for installing developer-signed apps without going through the app store. This is a growing attack vector as rogue developers include malicious code during the app build.
Thanks, Shlomo. Now three from me:
Card issuers will aggressively push fraud costs onto merchants that fail to update PoS terminals or meet PCI requirements. If you support retail clients, you should have already discussed with them the 2015 U.S. Fraud Liability Shift that took effect in October.
Customers will ask about containers. I discuss the reasons here, but in a nutshell it’s about cost savings and cloudifying applications. Docker, a company that’s synonymous with containers, has partner programs for service providers, consultants and trainers, along with technology partners. In a sign of maturity, Docker this week launched an Ecosystem Technology Partner program to recognize companies that do a good job providing in-depth views of containerized, distributed applications based on host-level logging data. Amazon CloudWatch is on the list, as are channel-friendly companies Elastic, Rapid7 and Sumo Logic.
As money gets more expensive, pay-as-you-go becomes the rule. You’ve no doubt heard that the feds increased interest rates this week, by .25 percent, for the first time since 2008 and signaled more increases are likely. While the immediate impact will likely be minimal, big vendors, including Cisco, have seen the future, and it is OpEx. But run the numbers anyway. Unless a customer’s demand is truly variable, substituting a fixed cost with ongoing payments could end up costing them more over time, as advisers who can run comprehensive TCO analyses will demonstrate. This is why hybrid is and will remain how IT does business.
And now for three things that caught my eye this week.
Advocacy group USTelecom, which represents service providers and suppliers for the telecom industry, announced this week that the Federal Communications Commission approved an order removing some regulatory requirements for legacy voice services that the group says “no longer are relevant in today’s marketplace.” The order refers to equal access rules protecting stand-alone residential long-distance; the requirement for ILECs to provide access to their networks for competitive providers of services such as voice mail and fax, subject to a discontinuance process; and a rule requiring ILECs to provide a voice-grade channel (64 Kbps) on fiber networks for use by other providers.
When it comes to hotly contested rules on sharing lines with competitors, the FCC ruling essentially splits the baby, calling for “no sharing required for new entrance conduits in new developments (greenfields), where competitors have equal opportunity to build. Sharing of newly deployed entrance conduit in existing developments (brownfields) still required, given the advantages the incumbent LECs enjoy in these situations.”
So much for municipalities looking to limit the number of pavement cuts.
This week Barracuda announced its Barracuda Cloud Archiving Service, which integrates with Microsoft Exchange and Office 365 and helps with compliance and e-discovery. IT can give end users read-only access to search and retrieve email from any device. The product has direct integration with Outlook on Windows as well as native apps for Mac OS, iOS and Android. To enable forensically valid search and discovery, the service maintains a separate, secure archive copy of documents and emails, compliant with legal search and discovery rules.
The Barracuda Cloud Archiving Service is currently available in early access; general availability is expected by month’s end. The service starts at $2 per user, per month, or $20 per user for an annual subscription and includes:
Capture Everything: An accurate and unmodified copy of every email sent or received, including details of all recipients, will be captured and stored in the secure Barracuda Cloud. No hardware or software installation is required for customers.
Keep Everything Securely as Long as Needed: Secures stored email data for as long as needed without risk of deletion.
Respond to Information/eDiscovery Requests: Provides extensive search and discovery capabilities, managing selected data outside the operational environment on a separate, secure archived copy of the data.
Sophos announced this week its purchase for $31.8 million of SurfRight, which specializes in signature-less, real-time endpoint threat detection and response and advanced threat prevention. It will retain all SurfRight employees, and SurfRight CEO Mark Loman will join the Sophos Enduser Security Group, reporting to group SVP Dan Schiappa. The SurfRight technology focuses on detecting and preventing memory manipulations and other methods that allow malicious code to run. Its HitmanPro malware scanning and removal tools have more than 20 million users worldwide, and the portfolio also includes anti-espionage technology and enhanced protection against ransomware attacks such as CryptoLocker — which is shaping up to be a big problem in 2016.
“SurfRight is a growing, profitable business with an established customer base and proven security capabilities,” said Sophos CEO Kris Hagerman in a statement. “We are excited to welcome SurfRight to Sophos and look forward to introducing the benefits of this leading-edge technology to our global customer and partner base.”
Schiappa says the company is working to integrate the SurfRight technology into its line of endpoint security solutions; at that point, the full portfolio will be available to Sophos’ more than 15,000 channel partners.