Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: How security pros can benefit from information sharing."

Download it now to read this article plus other related content.

TECHKNOWLEDGE
What security technology do you need that you can't get today? Here's your wish list.

Necessity is the mother of invention. The wheel was invented to make movement easier. The Romans invented the arch to support large, heavy structures. Samuel Morse invented the telegraph for fast communication across vast distances. The list goes on.

Security technologies and processes are also born of necessity. Marcus Ranum commercialized the firewall because enterprises migrating to the World Wide Web needed network-layer access control. Peter Tippett pioneered AV technology because PC users were getting hammered with boot-sector viruses. Marty Roesch developed Snort because enterprises needed a flexible IDS sensor to detect the things firewalls can't stop.

Security practitioners run into necessity all the time. Like craftsmen tinkering in workshops, they discover what's missing in their toolboxes and improvise solutions to new problems and tasks. Eventually, improvisation is translated into new standards, technologies and products.

Information Security wanted to know what new technologies, protocols, standards and processes you--the security practitioner--yearn for to make your job easier. What doesn't exist today that you wish you had? Here's a sampling of the "wishes" you want to see come out of security workshops and policymakers' offices.

Making ISPs Responsible for Security
Who's in

    Requires Free Membership to View

the best position to deal with security threats and events other than the people handling the traffic--the Internet service providers? Readers wish ISPs were mandated to secure their backbones and networks, and guard against Internet-borne attacks--worms, spam and bots--so enterprises won't have to.

Many ISPs filter for viruses, worms and malicious traffic, and others are beginning to provide AV scanning for e-mail and malicious traffic traveling over their pipes, sparing their customers that burden. But there's no requirement--yet.

Some readers wish that the government would require ISPs to take responsibility for security. They'd also like to see offshore traffic enter the U.S. through specific points, allowing the government to monitor all incoming traffic for security compliance and providing control over unregulated traffic.

The benefits of regulated ISP security are obvious: greater control over traffic flow, the blocking of malicious traffic before it hits PCs, and reduced theft of bandwidth and resources. As one reader states, "Trying to fix these problems at the individual computer level will never work, because users will never be able to update and patch their computers effectively."

This was first published in January 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: