No Silver Bullets: Network Security Tries to Keep Pace With Evolving Threats

As cyber threats increase, providers continue to evolve their offerings


Cyberattack. Security breach. Compromised data. These words grab headlines and keep enterprise and government leaders up at night. In 2015 alone, hackers compromised the private data of millions of Americans held by several high-profile organizations including the Federal Office of Personnel Management, Anthem and Experian. The average cost of such a breach for any company also increased to $3.8 million in 2015, up 23% from 2013 (Ponemon Institute, 2015). In the U.S., Apple’s compliance with the FBI and Department of Justice’s request to unlock an encrypted iPhone used by a terrorist in the San Bernardino, California attacks has sparked an ongoing public debate over government involvement in cybersecurity.

As migration to the cloud, investment in the internet of things (IoT) and the proliferation of mobile devices increase the attack surface available to hackers, Baird continues to see a secular tailwind for IT Security spend. This space continues to be the most resilient market in our coverage universe. We also anticipate further industry consolidation via M&A activity from larger players, which will encourage security offerings to continue to evolve and meet industry demand.

Perimeter-Based Strategies Are No Longer Enough

While cloud and internet of things (IoT) solutions are beneficial to many enterprises, those trends only bolster the case for enterprise security spending. The risks of the cloud transition are evident in the rise of startups offering cloud access security brokers (CASB) and Security-as-a-Service platforms.

Additionally, the cyberattacks of the past decade have made clear that traditional perimeter-based security approaches are no longer sufficient. New and improved security tools such as microsegmentation, which provides enhanced security for East-West traffic within a data center, may limit the damage caused by today’s complex cyber challenges. Companies such as VMware, Cisco, Fortinet and Palo Alto Networks have developed segmentation solutions, which they describe as a necessary resource for the modern enterprise network and data center.

Cloud Security: Protecting Data Beyond Corporate Walls

Cloud security is a rapidly growing domain of network security. A study released by Transparency Market Research in January 2016 projected that the cloud security market alone will grow to $11.8 billion by 2022. Perhaps the biggest concern for enterprises is the loss of visibility and control with respect to security policies. When data is migrated to the cloud, enterprises have limited visibility into or flexibility to adapt the cloud service provider’s security controls. Many companies also worry that devices outside the corporate firewall can access enterprise cloud services and put private data at risk. Furthermore, cloud services may complicate the ability to comply with an increasing number of information security standards enforced by governments and industry mandates.

With mobile devices accessing cloud services beyond the enterprise perimeter, security must be consistent and automated throughout the network. Specific solutions include creating dynamic trust zones, offering reliable encryption services, and using single sign-on and context-based authorization for identity access management. CASBs now offer services that mediate traffic between cloud apps and users to provide enterprise security policies as cloud-based tools and data are accessed. CASB startups and cloud security solutions have proliferated in recent years and are set to keep growing as more enterprises move to the cloud. Notable examples include Skyhigh Networks, Zscaler and Illumio.

The Rise of Segmentation Solutions

Given the declining confidence in perimeter-based security approaches, many companies have developed a range of segmentation solutions that seek to address threats that may move laterally across a network. These approaches include microsegmentation, internal segmentation and network segmentation.

Microsegmentation was made possible by the rise of network virtualization and the software-defined data center. Despite advances in endpoint security and perimeter defenses, cyber threats continue to present a real danger to the enterprise and there are few lateral controls to prevent their spread across the network once inside the data center. Microsegmentation offers the ability to attach security to individual workloads, virtual machines (VMs), applications or virtual networks and automatically provision such policies. This is only possible in a virtualized environment where individual virtual workloads and networks can be isolated, independent of the physical infrastructure.

Like microsegmentation, internal segmentation focuses on advanced threat prevention particularly in terms of lateral movement across an internal network, rather than perimeter-based defenses. It may refer to the divvying up of assets across the entire enterprise network versus just the data center. Fortinet offers a related solution with its Internal Segmentation Firewall (ISFW). The ISFW, for example, can segment mobile devices, servers with sensitive intellectual property data, private clouds, data center, edge gateway and the internet from one another. Unlike its predecessors, the ISFW has high throughput capacity in order to keep up with the high speeds of internal networks and offer internal visibility and protection.

Similar to internal segmentation, network segmentation security platforms allow enterprises to create policies that classify all traffic by users, application and content. Through the creation of security zones and flexible policy deployment, Palo Alto Networks’ Next Generation Firewall (NGFW) becomes a network segmentation gateway, offering integrated security functions to log and inspect all traffic in the network and data center.

The Road Ahead

Network Security remains a heavily fragmented market, and we continue to expect the larger players to facilitate market consolidation through M&A over the next few years. According to Gartner, the top five vendors (Cisco, Check Point, Palo Alto, Fortinet and Juniper) represent 69% of the total market for enterprise network security equipment and 71% of the total market for firewall equipment in particular.

Throughout 2015 and the start of 2016, many of the biggest Network Security vendors have announced or completed significant acquisitions. Several of the acquired companies offer cloud security solutions, signaling an effort by legacy vendors to keep up with the transition to the cloud and accompanying innovation. Examples include Microsoft’s purchase of Adallom and Cisco’s acquisition of Lancope. Large players have a compelling opportunity to consolidate market share. This M&A activity will spur growth in security spending and help drive new solutions for enterprises to keep up with ongoing and increasingly sophisticated cyber threats.


Robert W. Baird Limited and Baird Capital Partners Europe Limited are authorised and regulated in the United Kingdom by the Financial Conduct Authority.