As December rolls in and 2012 looms on the IT security horizon, Tufin Technologies – the security lifecycle management specialist – has come up with its top five security predictions for the year ahead.
According to Michael Hamelin, chief security architect with Tufin, the predictions – and recommendations - represent the considered thoughts of his research team, who develop leading edge solutions covering a variety of areas, including PCI DSS compliance and automatic security policy generation strategies.
“After six years of hard work in the security space, we now partner with a number of leading vendors - including Check Point, Cisco, Juniper Networks, Palo Alto Networks, Fortinet, F5, Blue Coat, McAfee and BMC Software – and are well known our technological innovation plus dedicated customer service,” he said.
“It’s against this backdrop of IT security knowledge and understanding that we have developed our predictions for the industry for 2012. We hope they prove useful to our clients - as well as anyone involved in the increasing complex area of defending their organisation’s IT platform against the rising tide of security threats,” he added.
Tip #1 is on the subject of firewall operations, with the prediction that next generation firewalls will continue their strong adoption by mid- to large-size organisations. As a result of this trend, Tufin sees the operations management challenges of multi-vendor firewall environments as calling for increasing levels of automation of daily change management tasks.
Tip #2 covers the area of firewall compliance and auditing – a key requirement in the increasingly regulated IT security space we now live in. Continuous compliance, says Tufin, will become essential for many more organisations that are striving to keep an always-compliant security status, without waiting for a third party auditor to carry out an annual check,
Tip #3 will see CIO's needing to show their CEO's - and their board of directors – a 360-degree and holistic report on the state of their organisation’s IT resources that clearly outlines the business’s network security status.
Regulatory compliance requirements – particularly in the PCI DSS space – and the consequent legal implications, will drive more companies to automate their network security audits and rely less on periodical audits.
Tip #4 also covers the firewall compliance and auditing domain - and Tufin predicts that even those organisations who are not bound to the need for direct regulatory compliance standard