It's the time when predictions for the new year run high, and when it comes to IT security, Gartner analysts are predicting that 2013 is going to be about expansion of cloud computing and the struggle by the enterprise to achieve appropriate security for it.
"Increased adoption of cloud-based computing is expected to impact the way security is consumed as well as how key government agencies will prioritize security of public cloud infrastructure," was the take from Gartner analysts Ruggero Contu, Lawrence Pingree, and Eric Ahlm in their predictions forecast.
Gartner predicts by 2015, 10% of overall IT security enterprise capabilities will be delivered in the cloud, with the focus today clearly on messaging, Web security and remote vulnerability assessment. However, there's also the expectation there will be more on the way, such as data-loss prevention, encryption, authentication available too as technologies aimed to support cloud computing mature.
Gartner anticipates the acceleration of change in cloud-based security will likely "threaten" some traditional business relationships that IT security providers have with their value-added resellers, for example. But the overall trend will lead to more managed security services providers through cloud delivery. Not surprisingly, a high level of merger and acquisition activity related to cloud-security start-ups and established players is predicted to be seen throughout 2013.
The U.S. federal government is moving along with its so-called FedRamp Program to accommodate external federal cloud services adoption, and this will also create conditions for growing use by federal agencies, Gartner notes. New compliance regimes are expected to take shape with standards defined by the National Institute of Standards and Technology, among others. Gartner expects that by 2016, all of this will even lead to public-cloud infrastructure becoming subject to "critical national infrastructure regulations" by the U.S.
The downside to growing cloud use by many, however, Gartner notes, is that failures in service availability, as has already been seen to happen in the past few years, could bring a "cascade" effect that would impact many thousands of organizations.
But Gartner's predictions on IT security weren't only about cloud computing and IT security. Virtualization of networks is a continuing transformation and Gartner predicts by 2015, 20% of the VPN/firewall market will be deployed as a virtual switch on a hypervisor rather than as a physical security appliance.
"VMware's edge firewall could expand virtual switch firewall adoption to beyond just the data center," Gartner's 2013 predictions report surmises. "To date, the virtual firewall market has been limited to data-center-class firewalls, which make up the minority of the total firewall market. A push from the virtual providers to bring their technology to the edge could be a key accelerator to the virtual switch market growth."
Indeed, the larger trend moving into 2013 is that the IT security industry, confronting the fact that networks have become virtualized, simply have no choice but to adapt — and that means "partnering with hypervisor providers has become critical to offering network security on the virtual switch."
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org.