Information Security in a Tough Economic Climate
by Jose Nazario

The news these days is increasingly dire. Everyone is feeling it, including the taxi driver I spoke to this morning. Yesterday morning one of the headlines that jumped out at me was that a major service provider is announcing layoffs tomorrow. I quickly Googled and came up with this:
Results 1 – 10 of about 7,490 for internet.service.provider layoffs october 2008
The industry is going to get the fat cut out, but we may also lose some meat. The fat that businesses have to trim includes things like overlap from mergers and acquisitions, ailing business units, and the results of internal mergers. The meat that I’m talking about, however, is the deep, painful cuts in functional units. Here good people or programs are trimmed to reduce costs, and everyone else is left to work harder with fewer resources. We all know a few folks here and there who were cut as a random act of management, but this situation is a lot more likely to cause that to happen in a lot of places.
Infosec is sometimes seen as a cost center because it often doesn’t have a clear ROI presentation. In the industry, I think a lot of people are worried that they or their staffs will be cut, reducing their efficacy. Some folks are worried about the fallout of this: if ISPs and hosting providers are having difficulties in staying ahead of malicious sites and infected hosts with their current staffs and tools, with smaller staffs and delayed capital acquisitions how can they stand a chance unless the game changes radically?
Couple this with evidence suggesting that there may be a correlation between crime and economic downturns, and we can probably expect an uptick in online crime as the international economic crisis continues. More pressures.
In short: the good guys are struggling to keep up with the pace of malcode and financially-motivated online crime with what resources they have, and we all will suffer more when more attackers move to crime and the good guys have fewer resources to fight them.
The questions that fall out of this are two-fold:
- If you’re at an ISP, how will you make sure that, when your team gets cut, the infosec duties you have don’t fall on the floor, giving criminals a strong foothold?
- If you’re a vendor, what are you taking into consideration in light of this economic downturn? It’s not just purchasing budgets that will feel the pinch.
These are the questions that are driving my work these days.