Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

Six Trends That Will Further Reshape Information Security in 2010

by Neil MacDonald  |  January 4, 2010  |  3 Comments

Food for thought to kick off 2010. The convergence of these trends (listed in my opinion of the order of impact) will radically reshape the future of information security – both the vendor landscape and how we architect and manage information security internally:

  1. Convergence onto Security Platforms: The movement of related security controls into “security platforms” capable of being adapted to new types of threats. We see convergence taking place in multiple areas in information security – at the endpoint, at the email security gateway, at the web security gateway, at the next-generation firewall and, for small to midsized organizations, the multifunction firewall.
  2. Virtualization: This is a topic I research extensively. Beyond just deploying virtualization securely, the virtualization of security controls (like firewalls and intrusion prevention systems) will alter the information security landscape. Beyond this, virtualization offers a new platform to enforce security controls in new ways – such as introspection techniques for rootkit detection.
  3. Cloudification: The enforcement of our enterprise security policy via security controls and infrastructure that we don’t own. This isn’t necessarily new, but the other trends listed and enterprise adoption of cloud-based applications are forcing this. Cisco’s recent acquisition of ScanSafe or Barracuda’s acquisition of Purewire to extend their on-premises capabilities are timely examples. Other examples include the use of cloud-based web application firewalling or cloud-based filtering of web and email traffic.
  4. Externalization: The tearing down of walls between businesses and the opening up of our information, processes and systems to outside parties – whether these are contractors, outsourcers, partners and customers. Nearly every enterprise I speak with is being asked to enable and foster secure collaboration with external entities. The massive uptake I see from clients using SharePoint in extranet scenarios is a testament to this.
  5. Consumerization: The use of consumer-oriented technology (systems and software) for business uses. Examples include the connection of iPhone to enterprise systems, remote access via personal machines and employee demands for access to Facebook, LinkedIn and other consumer-oriented sites in a business context. Combined with #4, this implies a large number of systems that we don’t own and don’t manage connecting to our systems and networks.
  6. Operationalization: As threats become well understood and the technologies we use to protect our infrastructure become more mature, these can be turned over to IT operations. Examples include endpoint antivirus being managed by desktop operations, antispam and email security gateways being managed by the email ops team, firewalls being managed by network ops and so on. This is the only way we’ll free up enough of our limited information security resources to tackle the new and emerging threats that relentlessly continue.

These will create multiple, disruptive and transformational inflection points for information security.

Are you ready?  Are your incumbent vendors?

3 Comments »

Category: Endpoint Protection Platform Information Security Next-generation Security Infrastructure SharePoint Security Virtualization Security     Tags: , , , , , ,

3 responses so far ↓

  • 1 Six Trends That Will Further Reshape Information Security in 2010 | Trendy Blog   January 4, 2010 at 2:57 pm

    [...] admin wrote an interesting post today onHere’s a quick excerptThis isn’t necessarily new, but the other trends listed and enterprise adoption of cloud-based applications are forcing this. Cisco’s recent acquisition of ScanSafe or Barracuda’s acquisition of Purewire to extend their on-premises … Consumerization: The use of consumer-oriented technology (systems and software) for business uses. Examples include the connection of iPhone to enterprise systems, remote access via personal machines and employee demands for access to … [...]

  • 2 uberVU - social comments   January 5, 2010 at 8:43 am

    Social comments and analytics for this post…

    This post was mentioned on Twitter by Partnerpedia: Six trends that will further reshape information security in 2010 http://ow.ly/SFx7 #infosec #virtualization #cloudcomputing…

  • 3 technotera   January 20, 2010 at 2:59 am

    its great,we are the provider of information security for more information visit our website http://www.technotera.com