Feb 29 2012

3 Cybersecurity Questions Answered by Charles Kolodgy

Increasing network requirements put focus on security risks.

As users demand more from their networks, security becomes a greater challenge. Charles Kolodgy, research vice president for secure products at IDC Government Insights, discusses the current state of network security.

FedTech: What keeps network administrators up at night?

Kolodgy: There are a number of external pressures on the network security sector, including ever-growing bandwidth requirements to cover all of the different types of applications that are traversing the network. There's more video; there are more mobile devices. And applications on the Internet continue to change as we move to Web 2.0, which focuses on new collaboration technologies such as social networking sites, wikis, and other types of web applications.

FedTech: How have the security threats facing federal networks evolved?

Kolodgy: The number of attacks has increased across the board. We don't hear about the huge network worms anymore because attacks are much more targeted. The biggest concern continues to be malicious code finding its way into the network. And the quality of attacks has increased. They're more sophisticated; thus, harder to prevent.

During the second quarter of 2010, botnets infected more than 2.1 million computers in the United States, representing more than 5 of every 1,000 PCs.

SOURCE: Microsoft Security Intelligence Report, Volume 9 (January–June 2010)

FedTech: In what way have attacks become more sophisticated?

Kolodgy: Virus writers and attackers are increasingly leveraging Web 2.0 sites by planting malicious code on legitimate websites to exploit browser and other application vulnerabilities. Additionally, Web 2.0 is greatly increasing the number of IP-enabled protocols that need to be inspected by the firewall.

In order to address the problem, firewalls have been evolving. The unified threat management device was the beginning of this evolution. Now we are seeing firewalls that include application control, user identification and deep-packet inspection. In some ways, it is difficult to define what a modern firewall is.