As we are set on the path that 2014 has ahead for us, many of the cybersecurity predictions that have been put out are already manifesting in actual events.  Zscaler is a cloud security company that focuses on a number of elements in building a complete cloud security portfolio.  With abilities to put controls like web filtering in place, antivirus and anti-spyware, the company is on the front lines of many organizations and the environments they encompass include email, web and mobile environments all the way up the scale.  Founder and CEO Jay Chaudry is at the helm of this global operation, the largest security cloud in the business with its massive web proxy network as its feature product.

In a nutshell,  Zscaler sees these two major trends – the evolution of advanced threats and the complexity of cloud and mobile environments – increasingly intersect. In particular, there are five areas (below) that information security practitioners should be considering as they take on challenges in the new year.

1. What’s in a Name? The Importance of DNS

2. The Tangled Web: SSL Encryption

3. BYOD: Represents the Weakest Link

4. MPLS: Goes Hybrid Cloud

5. Attacks: On the Internet of Things

1. What’s in a Name? The Importance of DNS

Zscaler points out the inherent weakness in DNS security practices as a big weakness that needs addressing.  There indeed are many faults in the system and Zscaler’s predictions call for enhanced monitoring and visibility towards DNS traffic due to advanced hacking techniques that exploit massive weaknesses undetected, ready to pounce once the attack is launched.  Through domain-generation algorithms, hackers are able to obfuscate the locations of their command and control networks of servers by creating many thousands of domains daily, and then only existing for brief periods of time.  It’s one point where Zscaler indicates suspicious activities can be detected early, making the propagation of botnets, malware and the command and control networks known much earlier, making the prospect of a more rapid response more realistic.

2. The Tangled Web: SSL Encryption

Zscaler also anticipates a pronounced challenge in the industry in dealing with encrypted traffic on the internet.  Encrypted standards are on the rise at various sites around the internet and the enterprise will continue its migration to better, more secure standards based on 2048-bit keys.  The challenges come in the form of visibility and management of SSL traffic inspection, essentially creating a blind spot within the network and causing performance degradations due to the enhanced security baselines.  This issue affects systems across the board and it could be a ‘ripe attack vector’ for hackers.  Additionally, hackers will increasingly utilize encrypted botnet callbacks in their command and control systems, making their activities that much harder to detect.

3. BYOD: Represents the Weakest Link

BYOD is on everyone’s mind and Zscaler sees it no different.  The prospect of mobile devices, the range of applications it introduces and the range of permissions they introduce are a threat within themselves.  There is also a rapid threat of mobile-based malware that is growing in incidence.  This is still one of the big risk points threatening the enterprise even at this advanced date and should be on everyone’s vigilance list to say the least.

4. MPLS: Goes Hybrid Cloud

Zscaler sees this organizational evolution of networking moving towards better security through the forces of economy, cloud and risk all in one.  It’s the height of cloud enablement, rapid deployments and rapid changes and what they predict is that organizations will be continuing this massive overhaul of security that was once built on private network strategy forward to a hybrid model of cloud-connected security constructs.  The MPLS model due to its high costs, time to deploy, maintenance and operations loses out in the face of today’s cloud-centered security models.

5. Attacks: On the Internet of Things

The internet of things – it’s a nascent industry and Zscaler foretells of a whole lot of problems on the horizon.  It starts with the wide variety of early entrants into this field.  It can be expected that as these technologies emerge with a focus on the abilities and functionality that each introduces, that security is a secondary thought to its implementation.  That’s an unfortunate reality that in the world of hackers looks like it will be a giant target and rich field to mine for years to come.

Conclusion:

In 2014, we will turn our eyes toward protecting privacy and moving beyond a hole-patching approach to security to a more strategic and integrated approach. We can expect, and will need to prepare for previously underused forms and venues for attacks and to don some serious thinking and prioritization of strategic objectives around cyber-security, at the highest level.

photo credits: jeff_golden Dell’s Official Flickr Page Nickster 2000 adafruit via photopin cc