Future Challenges Of IT Professionals
Posted: Tuesday, September 05, 2006
by Shwan Jaf
One of the major challenges of the IT Professional of the future (up to 2015) concerns information security. More and more businesses and governments are out to exploit the opportunities that the Web infrastructure of today and the future presents. However, the Web also provides fertile ground for security and fraud attacks against consumers who buy and connect online, against enterprises that depend on the Internet for their operations, against employees who use e-mail for personal and business purposes, and so on. An analysis of information security incidents on the Internet shows that the attacks that compromise security are becoming more and more complex.
Traditionally, enterprises have relied on IT professionals to handle and manage all IT concerns, including computer security, network security and information security, in addition to day-to-day information systems operation and management. Security-conscious organizations have engaged information security experts to attend to all security concerns. The training of most of the current crop of IT experts who find themselves increasingly involved with information security issues in the enterprise is generally inadequate for the emerging information security threats and attacks. Most of these professionals become security experts through specific enterprise.
It is, however, becoming necessary that the IT expert of the future also be thoroughly trained in all relevant aspects of security engineering, operations and management. The professional must be conversant with a wide variety of issues, including security policy issues (user and content), legal issues (particularly DRM), threat and attack scenarios, hacking techniques and tools, intrusion detection and monitoring, recovery and response, etc. To make the situation even more complex, the IT professional must be conversant with the emerging e-commerce technologies, as this is one of the pet targets for malicious hackers.
Hackers and an ever-increasing number of malicious parties are generally a step ahead of the traditional security protection mechanisms and are, therefore, able to inflict costly damage on business operations and functions. This happens in spite of the traditional firewalls, virtual private networks, intrusion detection tools, anti-virus software, etc. The IT professional must be capable of applying systems and behavior thinking in order to forestall the damage, such as fraud, that often results from the emerging threat scenario. By understanding the mechanisms of such threats and attacks, the IT expert of the future can, for example, watch out for suspicious purchase patterns and activities, and flag transactions from high-risk sources (individuals, groups or countries) for review to reduce fraud.
While it is true that most of the threats are from the web, there will also be a substantial threat from within enterprises. Traditional IT security mechanisms concentrate on repelling external threats, thereby allowing many internal attacks to go unnoticed. The IT expert must be equipped to apply and maintain effective protective security mechanisms to deal with both external and internal threats. Disgruntled employees have been known to compromise employers when they gain access to sensitive information. The expert must thus have at his disposal the requisite knowledge and expertise to prevent malicious disclosure and/or modification of the organization's information.
Wireless broadband "always-on" connections complicate the situation even further. Network separation techniques need to be implemented without compromising network dependability.
Increasing Complexity of Security Threats and attacks
The security threats and attacks of the future will continue to grow more complex, and so must the countermeasures. Modern-day and future Trojans, worms and virus attacks will continue to be more complex, more blended and more coordinated, and capable of inflicting much more damage than is the case now. Most of these attacks will be aimed at A or B DNS root servers in order to inflict as much damage and in as short a time as possible. This was the case with the trial SoBig F Worm of 2003, which was a blend of both the Blaster and the Nachi worms.
The evidence that is becoming clearer with time is that there is a correlation between security threats and malicious activities such as Internet fraud. The import of these developments is that the IT professional of the future must be capable of maintaining such a high level of vigilance as will assure a hassle-free e-business environment. The professional will have to keep abreast of all the incident reports on network and system vulnerabilities and ensure that all the vendor-recommended patches and updates for the software concerned are thoroughly implemented as and when they become available.
Another emerging trend is that the Trojans, worms and viruses of the future will continue to attach themselves more effectively to the downloadable anti-virus software from various vendors.
The evolution of new hybrid or blended attacks that use multiple vectors to breach the security infrastructure highlights the need for the enterprise IT professional to be the one to spearhead the installation and maintenance of defensive mechanisms against a constantly shifting threat scenario. Without such a concerted and well-orchestrated effort, enterprises will continue to suffer potentially catastrophic damage to their business confidentiality, integrity and availability as intrusions have become more potent.
Future Attack trends
The ever-increasing Internet-based attacks are aimed at the most popular and widely used Internet application protocols and devices. The current and future spam, phishing, spyware and adware attacks are designed to ensure greater reach and effectiveness. The IT expert must be proficient enough to identify the general lifecycle of these threats and manage each stage effectively, from inception through termination. Spam and phishing attacks will increase with the increase in the use of e-mail. There will continue to be more web redirection and the attendant spoofing attacks. Information security enhancements in the face of all these attacks must mean an ever-reducing time interval between detection and reaction. The expert must have, or be able to obtain in the shortest time possible, all the proactive assessment tools.
Spyware is a potential future threat to e-business. Competitors can use spyware to gather and transmit information about each other via the Web without the other knowing. The IT professional will need to use an integrated solution of anti-virus and anti-spyware on a single platform. In this way the professional will be adequately empowered to efficiently manage a coordinated defense and hence the enterprise information security.
Operation and management
It is generally accepted that the risk of information being hacked depends on the length of the network or host exposure to the Web and the type of information being handled at the time or the activities. The expert must, therefore, have the appropriate tools at his/her disposal in order to manage and audit the network. The bigger the network, the greater the risk of exposure and the greater the need for proactive and defensive action. The expert must be well aware of all these risks and must consistently apply the correct tools to carry out the required defensive activities such as mapping, monitoring, alerting and rectifying.
Another management issue concerns the management of employee e-mail. More and more employees are using e-mail, and some can use this facility to send out organization-sensitive information. Hence there will be a continuous need for content management. The expert must have the right tools and equipment for content filtering and management. The policy and legal aspects must be appreciated.
Legal issues
The IT professional must be more and more aware of the legal implications of information security. This activity is traditionally the domain of the legal advisor or whatever the title may be, but as more and more cyber crime laws are coming into force, the expert will naturally be brought to the fore. The information system infrastructure must be in a state of "forensic" readiness to ensure that the attacks that take place are dealt with quickly and in the most appropriate manner. If people are going to be charged in courts of law then the enterprise must be seen to have taken "reasonable" defensive actions!
Security policy
A formal information security policy must be in place in order to effectively manage the information security of the future. This policy establishes standards for IT resource protection by assigning program management responsibilities and providing basic rules, guidelines and definitions for everyone in the enterprise. The IT professional "owns" this policy, which must necessarily be clear and comprehensive enough to be accepted and followed throughout the organization and yet flexible enough to accommodate a wide range of data, activities and resources. These policies address issues related to the confidentiality, integrity and availability of an enterprise information system. Properly designed user-level policies will, for example, address the issue of e-mail access and usage by employees, etc., highlighted above.
Conclusion
The emerging trends in information security dictate that the IT expert or professional of the future must be thoroughly trained in all the broader aspects of information security. It is not enough, as is most commonly the case now, for the IT professional to learn information security management on the job. The ever-increasing complexity of the security attack and threat scenario means that the IT professional of the future must be adequately trained in all aspects of information security challenges.
Author: Shwan Jaf MSc (IT)
Email: shwan.jaf@gmail.com
Top-level comments on this article: (2 total)
The content is directly correlated with title with a slight inclination towards an experienced IT professional. The formatting is quite consistent and easy to read with no distracting sophistication. I just wonder whether you are a lover of double-sided alignment (justification) of paragraphs like I. Bravo!
Yes. On area of spyware, possibility of trojans, worms and viruses attaching themselves in downloadable anti-viruses and updates. Need for IT expert training is highly emphasised and I support him. Good article.