There are two things now driving the security industry:
1. The bad guys are already inside.
2. New platforms — cloud and mobile — have arrived.
…Both are forcing a different set of technologies, and the creation of new kinds of companies.
If we take the new platforms first, what it boils down to is this: What happens when we can no longer protect data with a firewall? How do we go about protecting data on a mobile phone or protecting data in the cloud? Old-line data security companies were all about protecting our data at our private data centers or protecting data on our PCs. (And when I say “protecting data” I mean protecting it from viruses trying to extract data.)
But as the threat environment moves away from individual PCs and private data centers to the cloud and mobile — as the computing platform shifts — a new set of companies are emerging. And when there’s a platform shift, there’s potential for new franchises to emerge.
The same is true when we start to wrap our head around assuming the bad guys are already inside.
The threat of people getting into our systems today is so great that every company in the world has to embrace the notion that not only are they going to get hacked, there’s a good chance hackers are already inside … and they just don’t know it.
So there’s a whole new class of companies that come into play during, and in the aftermath of, a hack. First by identifying that a breach has occurred and where it has occurred, and then in locking things down so the damage doesn’t spread.
Another class of company deploys technology that looks at what’s in our network and what’s the posture of our network. It’s constantly monitoring what normal network traffic looks like within the organization and generating a profile. When it notices an odd behavior, it will either lock it down or take some kind of action.
This set of companies comprise a very interesting category because everybody’s going to get hacked, so now it’s just a question of how quickly we respond when we see odd stuff going on within the company.
And there’s a final class of company that I’m focused on in the security space. I would describe this as a counter-measures company: How do we turn the tables on the attacker? How do we go on the offense? It’s another leg in the security stool, and one we’ll see more of as hacks get ever more sophisticated and the losses grow ever larger. It’s part of the growing sense in the security industry that if we don’t fight fire with fire, we’ll just get burned.
— Scott Weiss
