There aren’t many markets where, when the old products have failed, customers flock back for more.一旦原有产品仍然好用,客户不会四散回去,谋求更加多产品,这样的市场为数不多。That could explain why the leading lights of computer security – who have converged on San Francisco this week for their industry’s biggest gathering – have been struggling to strike the right tone.这可以说明,为什么计算机安全行业的领先巨擘仍然极力收到准确的声音。近日,这些安全性厂商齐聚旧金山,开会业界规模仅次于的会议。Something between humility, schadenfreude and a wary self-confidence seems to be the order of the day. A Queen cover band may have launched the event with a blasting rendition of We are the Champions but the triumphalism was otherwise in short supply.议程或许混合着谦虚、幸灾乐祸以及谨慎热情的味道。
一只仿效皇后乐队(Queen)的经典歌曲乐队演出一曲浑厚的《We are the Champions》,冲破了会议帷幕,但除此以外,会上再行去找将近多少胜利色彩。Recent headlines suggest that even the best-defended computer networks resemble Swiss cheese. But, if the old approaches to security have been discredited, there is no shortage of new companies springing up with promises of better ways to plug the gaps – or at least make a lot of money trying.最近的头条新闻指出,即便是防卫最森严的计算机网络也一样漏洞百出。不过,每当旧有的安全策略丧失人们的信任,总会立刻冒出有一批新的公司,允诺拿走更佳的办法空缺漏洞——或者最少在尝试做这一点的过程中大赚一笔。
The IT security market, worth some $65bn this year, is set to grow at 9 per cent annually for the foreseeable future, according to Gartner – which is a lot faster than the IT industry as a whole. Since large parts of the security market are barely growing, that leaves plenty of opportunity to cash in on new approaches.低德纳(Gartner)认为,IT安全性市场今年规模约650亿美元左右,在可意识到的未来,年增长率将约9%,这比整个IT行业的快速增长慢多了。由于安全性市场的大部分都快速增长力弱,因此从开发新安全策略中利润的空间极大。
The dirty secret that the security professionals can no longer keep to themselves is that their old defences – which were aimed at protecting PCs and other devices that comprise the endpoints of computer networks – no longer work.安全性专业人士无法之后秘而不宣的秘密是,他们传统的防卫策略仍然奏效。这种策略目的维护包含计算机网络终端的PC以及其他设备的安全性。Anti-virus software has proved ineffective against the most sophisticated attacks – and therefore the ones likely to cost most in terms of damage inflicted or intellectual property lost.事实证明,在简单的反击面前,反病毒软件效果不欠佳。
因此面临有可能导致最严重破坏、或者造成知识产权损失的反击,它们也将违宪。Hopes for a fightback are now pinned on two very different approaches.反攻的期望竭尽在两种截然不同的方式上。One involves spotting so-called malware long before it reaches its intended targets. Companies such as Palo Alto Networks, one of last year’s hottest tech initial public offerings, and FireEye, tipped to follow it, specialise in appliances that sit at the gateway to corporate or government networks, looking out for such threats.其一是在所谓的恶意软件抵达反击目标之前,就将其辨认出。
去年上市的最热门科技公司之一Palo Alto Networks,以及紧随其后的FireEye,专门生产这样的防卫软件,软件守卫企业或者政府网络的网关,监控此类威胁。Pulling suspicious-looking email attachments and testing them in ringfenced “sandboxes” before allowing them to be delivered offers the promise of filtering out many of these malware threats, almost in real time, according to Asheem Chandna, a former security industry executive and now venture capital investor at Greylock.安全性行业前高管、现为Greylock风险投资家的阿西姆?钱德纳(Asheem Chandna)回应,在邮件投递之前,分离出来怀疑的邮件附件,放到隔绝的“沙盒”中测试,未来将会过滤器掉大量此类恶意软件的威胁,而且完全是动态的。This may sound like a natural market for networking companies such as Cisco and Juniper. But, as so often in technology, start-ups have set the pace so far. With Palo Alto trading at 10 times revenues, some high-priced acquisitions seem likely as the industry giants add to their arsenal of defences.这有可能听得一起就是思科(Cisco)或瞻博网络(Juniper)等网络设备企业的天然市场。然而,在科技行业,初创企业往往先行一步,引导趋势。
Palo Alto的市销率已约10倍,随着业界巨头加添其安全性领域的军火库,未来有可能再次发生一些高价并购交易。The second approach begins with an acceptance that even the best-secured networks will be penetrated. If the attackers are assumed to be already on the inside, then the focus shifts to identifying their tracks as they move around – while making sure a company’s most important digital assets are harder for the intruders to locate and extract.第二种方法指出,即便是防御最周密的网络也不会被渗入。如果假设攻击者早已转入网络内部,那么重点就移往到在攻击者四处诛杀之前找到他们的下落轨迹,同时确保企业最重要的数字资产更为无法被入侵者瞄准、盗取。
Latching on to another of the tech industry’s big promises, the security purveyors have discovered big data. Pattern recognition – using reams of data to identify normal types of behaviour on a network, in order to spot the anomalies – is becoming the order of the day.科技行业还有一个宏伟的允诺——大数据,有为这一点的安全性企业已开始对之加以利用。模式识别正在托上议程。模式识别是指用于大量数据筛选出有一个网络中的长时间不道德模式,从而发现异常不道德。
The result is what Francis deSouza, president of products and services at Symantec, calls “big intelligence” – in which a stronger situational awareness and a better sense of behavioural norms are the main lines of defence.赛门铁克(Symantec)产品与服务总裁弗朗西斯?德苏恰(Francis deSouza)称之为这种方法为“大情报”,即以对网络情况和长时间不道德模式的更加强劲做到包含主要防卫阵线。Yet the big data promise can only go so far. The extent of the architectural shift in computing, as the client-server age gives way to the cloud, raises profound challenges to the old methods of securing data. The number and variety of computing endpoints is multiplying almost exponentially as mobile devices and, increasingly, machine-to-machine communications proliferate. A tide of data are starting to flow out of corporate networks to tap services that live in the cloud, turning the old defensive barriers into virtual Maginot Lines.然而,大数据带给的也就这么多了。
随着客户端-服务器时代让坐落于云端平台,计算出来架构的大规模移往对确保数据安全的传统方式明确提出了极大挑战。随着移动设备以及更加多的机器与机器之间通信量的剧增,计算出来终端数量和类型完全呈圆形几何级数快速增长。潮水般的数据于是以开始从企业网络流入,转而利用云端服务,使传统的防卫壁垒出了虚拟世界的马其诺防线。
At least the security industry, accused alternately of alarmism and complacency, now has a more realistic way to talk to its customers. The big data promise is that, although the enemy is wily and will find ways to break in, the defenders have smarts of their own. They may sometimes lose this cat-and-mouse game, but at least there is a chance of minimising the damage. And, besides the improved rhetoric, there is another benefit to these new approaches: some of them might even work.最少,总被谴责耸人听闻、自鸣得意的安全性行业,现在需要更为实事求是地同客户聊天。在大数据的允诺下,即使敌人诡计多端,总能寻找破门而入之道,防水者也有自己的应付技巧。
防水者有时可能会赢这场猫抓老鼠的博弈论,但最少有机会把损失降到低于。这些新的策略不光听得一起更加幸福,还有另外的优点:其中有些还是有可能起起到的。
本文来源:6966集团官网直营-www.houses2fix.com