Staying on top of network security means not just ticking items off a to-do list, but also looking out for what's ahead. With that in mind, we culled a few interesting predictions from the minds of security experts and industry executives on what organizations can expect on the network security front in 2014.
1. Mobile Biometrics
Biometrics on mobile devices will play a bigger role in authenticating users to network services, one security executive predicted.
"Biometrics emerging on mobile endpoints, either as applications that gather users’ behaviors or as dedicated features on mobile endpoints that scan personal features à la the iPhone 5s finger scan, will emerge in 2014," said Manoj Nair, senior vice president and general manager at EMC's RSA security division. "If these features are open and extensible, it could lead to real innovation in ensuring the identities of remote users."
2. Application-Centric Networking
Cisco's launch of its Application Centric Infrastructure this fall pushed the concept of application-centric networking front and center, along with the promise of making network security more agile and automated. Tufin CTO Reuven Harrison said the IT industry should expect to see the first wave of products from a range of vendors that set the table for application-oriented IT architecture and management.
"New application-centric models will enable organizations to architect their networks, security and infrastructure in alignment with their business strategies, which are increasingly dependent on applications," he said.
Security, like other elements of infrastructure, will be treated vertically in this new application-centric architecture, Reuven added. "Instead of siloed security at each one of the layers -- application, server, hypervisor, storage and network -- we'll start seeing a convergence that enables a more holistic approach to security. Security will also be automated and orchestrated wherever possible," he said.
3. Application and Network Security Converge
While application-centric networking aims to break down silos, other industry trends also will help bridge divisions across the enterprise, another security executive said.
"Due to increasing consumption of cloud services and innovations such as NGFWs [next-generation firewalls], which force network security teams to consider application-related security and risk issues, network and application security will continue to converge in a big way," said Ranjeet Vidwans, vice president of marketing and business development at Identropy. "The common ground will be risk management."
4. NSA-Driven Uptick In SSL Encryption
This trend has already begun. Yahoo recently announced it was expanding its use of encryption to protect its users from NSA snooping, following a similar move by Google.
[The disclosures of NSA spying eroded customers' trust in the security of WAN connections from service providers, according to Greg Ferro. Read his analysis in "WAN Encryption Tops The Agenda After NSA Revelations."]
"The Snowden revelations have heightened awareness for these issues among consumers, enterprises and cloud providers," said Paige Leidig, senior vice president at CipherCloud. "As result, I expect an increase in demands for greater data privacy from all directions."
5. Zero-Trust Segmentation Adoption
Forrester Research has pushed the concept of a "zero-trust model" for network security where all network traffic is considered untrusted, including internal traffic.. To address the challenges of managing distributed networks and access for business partners, more organizations will adopt a zero-trust model in 2014, Danelle Au, director of solutions marketing at Palo Alto Networks, predicts.
"Implementations will vary widely from enterprise to enterprise, from those that need to create distributed boundaries of zero trust to those that focus on data center segmentation," she wrote in a blog post. "The key network security requirement, however, will be solutions that can be deployed with minimal impact to the network, while providing comprehensive visibility, control and safe application enablement."