Some good trends in network security

1.) Information is more valuable than ever. For example, Amazon.com relies on information to make purchasing of books easier through its one-click purchasing system. Similarly, when Internet retailer Pets.com went belly-up, the company's database of customers "was the only asset of value they had,"

2.) Networks are critical infrastructure. The Internet was not designed to serve as critical infrastructure.The Internet helps companies run more efficiently and eases communication between people, but there are real economic risks involved. "If the 'Net goes down, or part of the 'Net goes down, it really affects the economy

3.) Users do not necessarily control information about themselves. For example, ISPs have control over records the Web sites that users visit and e-mail messages they send and receive. Also, some mobile operators keep a copy of users' phone books on their servers.

4.) Hacking is increasingly a criminal profession. Hacking is no longer for hobbyists. More and more, attacks are organized and led by criminals who are driven by a profit motive. "The nature of the attacks is changing because the adversary is changing"

Extortion related to denial-of-service attacks and phishing attacks are two examples of criminal attacks. In addition, there is a black market for exploits that allow attackers to penetrate corporate IT systems.

5.) Complexity is your enemy. "As systems get more complex they get less secure,"  calling the Internet "the most complex machine ever built."

Advances in security technology simply have not kept pace with the Internet's growth. "Security is getting better, but complexity is getting worse faster".

6.) Attacks are faster than patches. New vulnerabilities and exploits are being discovered faster than vendors can patch them. In other cases, vulnerabilities in some embedded systems, such as Cisco routers, cannot be patched, leaving companies vulnerable.

7.) Worms are more sophisticated than ever. They already contain vulnerability assessment tools, and are scanning corporate defenses for weaknesses and using Google for intelligence gathering. "This trend is a result of more worms being criminal."

8.) The endpoint is the weakest link. "It doesn't matter how good your authentication schemes are if the remote computer isn't trustworthy" . In many cases, computers outside your company's security are the weakest link. These computers are often infected with worms and spyware, presenting an opportunity for attackers.

9.) End users are seen as threats. Companies are increasingly developing software that is intended to defend against the end user, Schneier said, citing digital rights management (DRM) software as an example. "More and more we're seeing security that doesn't protect the user, but protects against the user."

In at least one case, involving DRM software installed by Sony without users' permission, the software caused damage to the end user's computer. "Rules and regulation around this is going to be a big battleground", predicting that a battle will be fought between PC software that is protecting the user and software that is designed to protect against the user.

10.) Regulations will drive security audits. There’s no shortage of regulations that detail how companies should handle data. Regulations such as the Sarbanes-Oxley Act will be the driving force behind corporate security audits.