It's been an interesting decade, to say the least. Unprecedented highs gave way to terrifying lows. And that was just my stock portfolio.
How many of you remember what an uphill battle it was to convince your organization to deploy antivirus software on every device? Remember the old question: "Do we really need that firewall?" Now it's not if you need security, it's how much and where. Yep, that's a form of maturity.
The sheer number of threats has mushroomed as well. Ten years ago, attacks were infrequent enough that you could set a couple of router and firewall rules to stay ahead of the bad guys. Now, with about 4000 vulnerabilities annually, the reality is you aren't going to get everything fixed, so you need to choose carefully. Another sign of maturity.
The malcontents trying to break into your network have changed as well. At first, hacking was a novelty (anyone remember the movie War Games?), undertaken by socially inept high school students looking to impress their friends. Today, hacking is a business run by global, organized crime cartels. These people don't mess around. The objective is not to deface a Web site, but to monetize stolen, private information and to turn unprotected devices into zombies. You guessed it - that's maturity.
Now companies are facing the supervision of various regulators to make sure private information is protected and adequate financial controls are in place.
Finally, let's look at growth and the types of vendors providing these security solutions. Sure, there are still a ton of start-ups (actually way too many), but the ones driving the agenda are not pure-plays anymore. Cisco and Microsoft are the titans of the arena. The biggest pure play, Symantec, acquired Veritas last year, because providing security alone is no longer enough. That is maturity with a capital M.
Mature problems require mature solutions coming from mature vendors. The objective is to build a security architecture that doesn't need a new widget for every new threat. Network professionals need to act maturely in thinking strategically, not tactically.
Rothman is president and principal analyst of consultancy Security Incite