IT security will enable cloud adoption in 2011: CA Technologies

by CXOtoday Staff    Dec 27, 2010

insider threatCA Technologies (NASDAQ: CA) has released its predictions on what to look for in the coming year with respect to prevailing threats and industry shifts.

β€œIn 2011, IT security professionals will need to step-up their battle against the insider threat and leverage Identity and Access Management to shift the view of security to that of an enabler for cloud adoption,” suggested Tim Brown, senior vice president and chief security architect, CA Technologies.

The security experts of the company have stated the following challenges on tap for 2011:
The insider threat will continue to grow. Today companies have better sophisticated security. It may now be easier to social engineer the insider than continually create new malware to combat better security. WikiLeaks showed us that the insider is a direct line to sensitive data. There are larger amounts of high quality data in a company compared to information associated with an individual, and more access points to get in as companies open up social networking sites to the enterprise and employee mobility increases.

Organizations will begin using behavioral analysis to predict threat from the inside. There is case study research in this area that examines the psychosocial factors that can contribute to an insider breach. This data could be used to create predictive models that correlate psychological profiles or behaviors to insider breaches or crime.

Identity and access management will shift security perception from cloud barrier to cloud enabler. Organizations will change their perception of cloud security as more advanced identity and access management (IAM) security options are deployed by cloud providers and as cloud services. Cloud providers will realize that to continue their growth, they have to provide enterprise-level security and therefore will strengthen the identity models associated with their cloud service. IAM delivered as a cloud service also will give organizations the option to more easily adopt and deploy various identity-related security capabilities.

Companies will improve information security by linking data and identities. Organizations will realize the need to make access and information use policies identity-based. This realization ushers in next-generation IAM and makes IAM content-aware. Traditional IAM stops at the point of access; content-Aware IAM goes a step further to not only help control identities and their access, but also control what they can do with the information based on their identity.

Nation, state attacks will grow. There is a reason the government is placing increased importance on cyber warfare. Crippling our infrastructure would be highly disruptive. Attacks on the technical supply chain by way of compromised hardware and insecure software, or attacks similar to Stuxnet, could be viewed as a nation state attack.