![Page 1: Marcus J. Ranum CSO Tenable Network Security, Inc.media.techtarget.com/searchFinancialSecurity/downloads/FISD09_M… · • More big one stop shops • 50% of the products you know](https://reader033.vdocuments.net/reader033/viewer/2022050611/5fb26c07aa76ba3dd0316c42/html5/thumbnails/1.jpg)
The State of Computer Security
Marcus J. Ranum, CSO
Tenable Network Security, Inc.
Short Form
• In 5 years, security won’t be interesting
• That’s not the same as saying it’ll be a solved problem!
Who Am I?
• Industry (?what?) analyst / curmudgeon
• Firewall researcher/product developer, late 1980s
• VPN product designer, early 1990s
• IDS researcher / CEO of NFR, 1997
• CSO, consultant, teacher, writer
Disclaimer
• This is an “industry” view
• Much of what I’m talking about will ripple in the form of changes to:
  • Budgets
  • Products to choose from
  • Leverage within the organization
This talk
• Some History
• Current State of Security
• Some Extrapolation
Some History
• The early days of computer security:
  • Audit function - oversight
  • Mainframe usage accounting and system log analysis
  • Often an accounting function separate from IT
Early Golden Age
• The firewall and the internet
• Everyone going online
• Everyone getting hacked
• Wild west attitude and lots of attention
• Security IPOs in the mid 1990s trigger a rush of $$$ from venture community into security
Late Golden Age
• The worm and the pro hacker
• Everyone is online
• Horrible levels of vulnerability
• Exposure of data and professionalization of cybercrime
• Venture community pulls up stakes
• Lawmakers stake out turf and arrive
You are here
Current State of Security
• Industry Changes
• Regulatory Changes
• Technology Changes
Industry Changes
• Consolidation is everywhere
• ISS -> IBM, Betrusted -> Verizon, RSA -> EMC2
• IDS industry collapses into IPS (i.e.: gets bought by the firewall industry)
• Log analysis and event management is next
Drivers
• Overinvestment in late 1990s
• VCs fund (approximately) 200 security start-ups
• Security market is about $20 bn
• Subtract Cisco, IBM, Oracle, Symantec, Microsoft, McAfee
• Top 5 vendors account for all the industry except for about $1 bn
Top Heavy
• $1 bn among 190 start-ups
• “That’s not a market; that’s a hobby” (Peter Kuper, Morgan Stanley)
• Further pressure on the “little guys”
• Think of Checkpoint and ISS as “little guys” but really where can they go? Up-market and compete with Cisco? There is no down-market (which is why ISS sold to IBM)
Industry Changes: Summary
• More consolidation
• It’ll get frantic over the next 5 years as the industry wraps itself up
• More big one stop shops
• 50% of the products you know and love today will disappear in next 10 years (The good news is, it will be worse for the ones you hate)
Regulatory Changes
• The lawyers are here!!
• Security practitioners have been asking for it “and now you got it!”
• SarbOx, EU Legislation, GLBA, HIPAA, etc
• Now disclosure regulation
• Each state is heating up their own, slightly different!
Regulation: Part 2 “The Devastation”
• Here’s the problem
• Security is on Capitol Hill’s radar
• It’s an area where they can legislate that is populist, poorly understood, expensive, and the costs are borne by “the wealthy corporations” (security’s now and forevermore a regressive tax, kiss any “ROI” story goodbye!)
• Legislation will only increase
Regulation: The Effect
• Compliance dollars are being spent under guidance of liability (legal department)
• Compliance is going to report to legal department
• Security winds up competing for budget dollars with lawyers
Technology Changes
• Consolidation drives integration
• Integration drives one-stop-shopping
• One-stop-shopping turns security into a clickbox feature
• Hold that thought...
Some Extrapolation
• Security gets subsumed as a “click feature” in network management
• “Hey Bob the router guy! When you’re done with turning on the VOIP in the router, turn on the IPS security features too!”
Some Extrapolation
• Security gets subsumed as a “click feature” in system administration
• This has already largely happened in the enterprise except for website security
• Patch management and antivirus are desktop security
Some Extrapolation
• “Pure security” practitioners get shoehorned into audit
Same as it ever was, same as it ever…
My Take
• Security will become increasingly specialized and in 10 years most “pure” security practitioners report to lawyers
• There will always be a few mercenary specialists chasing the “disaster of the day”
What’s Still Hot?
• SIM/SIEM pretty much works
• That’s what you’ll be deploying next
• (That market is ripe for consolidation and all the top players have been acquired already)
What’s Still Hot?
• Data leakage will be next big thing
• Prediction: Big failure, much bleeding, great sorrow
• In 5 years it’ll be damage control on IP hemorrhage brought on by outsourcing
PS: I love Outsourcing
• Consider becoming a project manager to oversee outsourcing
• Make a fortune as a consultant when things are “reinsourced”
• The next big area of security activity is non-technical and involves damage control for business mistakes of early 21st century
Conclusion
• Our moment in the sun is coming to a close
• 5 years of play left, at most
• Good luck!