This article can also be found in the Premium Editorial Download "Information Security magazine: How security pros can benefit from information sharing."
Download it now to read this article plus other related content.
What security technology do you need that you can't get today? Here's your wish list.
Necessity is the mother of invention. The wheel was invented to make movement easier. The Romans invented the arch to support large, heavy structures. Samuel Morse invented the telegraph for fast communication across vast distances. The list goes on.
Security technologies and processes are also born of necessity. Marcus Ranum commercialized the firewall because enterprises migrating to the World Wide Web needed network-layer access control. Peter Tippett pioneered AV technology because PC users were getting hammered with boot-sector viruses. Marty Roesch developed Snort because enterprises needed a flexible IDS sensor to detect the things firewalls can't stop.
Security practitioners run into necessity all the time. Like craftsmen tinkering in workshops, they discover what's missing in their toolboxes and improvise solutions to new problems and tasks. Eventually, improvisation is translated into new standards, technologies and products.
Information Security wanted to know what new technologies, protocols, standards and processes you--the security practitioner--yearn for to make your job easier. What doesn't exist today that you wish you had? Here's a sampling of the "wishes" you want to see come out of security workshops and policymakers' offices.
Making ISPs Responsible for Security
Many ISPs filter for viruses, worms and malicious traffic, and others are beginning to provide AV scanning for e-mail and malicious traffic traveling over their pipes, sparing their customers that burden. But there's no requirement--yet.
Some readers wish that the government would require ISPs to take responsibility for security. They'd also like to see offshore traffic enter the U.S. through specific points, allowing the government to monitor all incoming traffic for security compliance and providing control over unregulated traffic.
The benefits of regulated ISP security are obvious: greater control over traffic flow, the blocking of malicious traffic before it hits PCs, and reduced theft of bandwidth and resources. As one reader states, "Trying to fix these problems at the individual computer level will never work, because users will never be able to update and patch their computers effectively."
This was first published in January 2005