An interesting and useful debate on cybersecurity from the inside saw industry experts and vendors square up to the realities of the situation. In some ways it is a fight between the gullibility of users, the inexperience of IT departments and the hackers taking a least-hassle route into data sources.
The debate, held as a press security briefing in Dublin by Zonic Group did give some pointers as to the attitudes to be adopted by channels selling cybersecurity – the first being a realistic assessment of the risks, and what users will spend. It was Steve Broadhead, founder and director of Broadband-Testing who introduced the way this market works for sellers of solutions: “Business will spend on compliance, so IT should grab it, use as baseline and build cybersecurity,” he told the meeting.
But suppliers also had to contend with a lack of knowledge among buyers. Carl Gottlieb from solution reseller Cognition pulled no punches: “A lot of IT managers are "useless" as they have been dropped into security role; they still have a "box" mentality” But he also hit out at vendors for over-hyping their fixes: “Users are miss-sold technology as vendors don't want to admit their own limitations,”he says. “The industry must get its credibility back in some way.”
Dave Lewis of Akamai agreed that users were not getting the fundamentals right in security and Dennis David, CEO of Mycrypt agreed that user awareness is what is needed. But this is not the whole story: “All successful breaches use insider information,” he argued.
Compliance and new regulations will concentrate users' minds in the next year or so, with enforcers of regulation being personally rewarded by fines which can go as high in Europe at €20m or four per cent of turnover but even there, there is some confusion and enforcement is not likely to start until mid 2018.
One of the problems in the industry is the number of suppliers all saying they have the answer. A/V and malware should be an easy sell – but users too often just want to tick the right boxes and avoid being sued. The industry seems unable to come up with anything that is not a point solution. CIOs being asked by their boards if the business is secure are unable to provide any answer that is not surrounded with caveats.
A major opportunity in an associated area is SD-Wan - software defined wide area networking which is used to connect applications in branch offices and where the applications shift to the cloud is affecting legacy Wide Area Networking, says Michael Wood, VP of Marketing at VeloCloud. "In less than 2 years 50% of Enterprises will use SD-WAN at some or all of their branch offices," he predicts.
SD-WAN solutions are set to disrupt the WAN ecosystem and are pulling in critical momentum for mainstream market adoption, he says. In 2019 30% of enterprises will use SD-WAN products in all their branches, up from less than 1% today, and it is the security aspect whcih is helping to drive this.