This is the fifth in our series of cybersecurity predictions for 2016. Stay tuned for more through the end of the year.
Service providers are in the thick of major changes, all of which have significant security implications. As we close out 2015, let’s take a look at major trends that will gain prominence for service providers in 2016.
Rapid Growth in the Industrial Internet of Things (IIoT)
Gartner predicts the Internet of Things (IoT) market will grow from about 4.8 billion connected devices in 2015 to 25 billion in 2020. While growth in the consumer space (e.g., personal gadgets, sensors in the home) is rapid, IoT in the industrial realm may, in fact, be the bigger story. Electric utilities, manufacturers, automotive, and governments will make major IoT investments to bring their respective industries into the IoT age. The potential for returns in operational efficiencies are compelling, but these returns come with risk.
For example, utilities and manufacturing facilities have, for the most part, been isolated from public networks to date. Cybersecurity was mostly a matter of maintaining that isolation – ensuring SCADA systems were kept apart from the general purpose network used by the rest of the enterprise. The IIoT is changing that paradigm and service providers have a critical role to play in securing that infrastructure. Some of the new requirements to emerge from this:
- Service providers will need to elevate network security past the network layer and into the application layer to identify and isolate compromised endpoints.
- IIoT systems are often highly time sensitive (ultra-low latency requirements). Service providers will need to ensure quality of service and protect against attacks that would degrade performance.
- Increased segmentation. With industrial systems in effect “on the Internet,” Service providers will need to replace the physical isolation these systems used to enjoy with logical isolation based on ensuring only authorized traffic gets into these networks. They will need to ensure only authorized applications, users, and content have access to these critical systems.
More Virtualized Network Services – NFV/SDN Taking Off
In 2015 we saw the commercial release of virtualized services by major service providers. In fact, Infonetics forecasts a fivefold increase in the NFV/SDN market by 2019. With many more projects in the pipeline and more of the service provider infrastructure being virtualized, 2016 will see the release of more SDN/NFV-based services. Key security elements of this trend:
- Look for greater availability of virtualized “security-as-a-service” offerings. Public cloud offerings (e.g., AWS) are already available. Look for more private offerings from service providers, such as virtual CPE and virtualized hosted security. Competition among service providers will heat up, and customers will gain the benefits of more choices in plans and pricing, along with faster provisioning and improved service. The winners: providers who build services on tightly integrated security platforms with strong hooks into orchestration, OSS, and BSS.
- Security will be become part of the DNA of NFV-enabled network services. As service providers leverage SDN/NFV to move up the customer value chain, security will be embedded as a VNF (virtualized network function). And, as core infrastructure is virtualized, service providers will gain new capabilities to embed security into the network.
- In order to transform networks from hardware- to software-centric, service providers face a skills gap that threatens to emerge on the critical path of major projects. Vendor partnerships will be key in mitigating this gap. Service providers will look to NFV suppliers with well-integrated solutions and a successful track record with early adopters.
Emerging Security Opportunities for Service Providers
Security concerns have been longstanding barriers to adopting cloud technologies by larger enterprises. While large enterprises have embraced private cloud, public and hybrid cloud adoption are running into headwinds due to security concerns. A survey conducted by the Cloud Security Alliance found security to be the top concern holding back cloud projects.
Service providers have an opportunity to move up the value chain with their enterprise customers by deploying comprehensive security solutions for the cloud-enabled enterprise. These security offerings will include:
- Secure network connectivity to the public cloud.
- Secure employee access to cloud services.
- Breach protection for cloud assets.
- Policy management and enforcement for cloud-hosted services and data.
Customers will demand integrated offerings that deliver comprehensive security and can be tailored to their needs. They will require a security architecture that treats the assets they hold in the cloud with at least the same security as those assets receive in house. They will need security assurance that public cloud services do not open new attack vectors into the private network. The key to operational and financial success with these service initiatives will be integrated security platforms that address the full range of security requirements enterprises are demanding.