評論
打印
There aren’t many markets where, when the old products have failed, customers flock back for more.
一旦舊產(chǎn)品不再好用,客戶會蜂擁回來,尋求更多產(chǎn)品,這樣的市場為數(shù)不多。
That could explain why the leading lights of computer security – who have converged on San Francisco this week for their industry’s biggest gathering – have been struggling to strike the right tone.
這可以解釋,為什么計(jì)算機(jī)安全行業(yè)的領(lǐng)先巨擘一直竭力發(fā)出正確的聲音。近日,這些安全廠商齊聚舊金山,召開業(yè)界規(guī)模最大的會議。
Something between humility, schadenfreude and a wary self-confidence seems to be the order of the day. A Queen cover band may have launched the event with a blasting rendition of We are the Champions but the triumphalism was otherwise in short supply.
議程似乎混合著謙遜、幸災(zāi)樂禍以及審慎自信的味道。一只模仿皇后樂隊(duì)(Queen)的翻唱樂隊(duì)表演一曲高亢的《We are the Champions》,拉開了會議帷幕,但除此以外,會上再找不到多少勝利色彩。
Recent headlines suggest that even the best-defended computer networks resemble Swiss cheese. But, if the old approaches to security have been discredited, there is no shortage of new companies springing up with promises of better ways to plug the gaps – or at least make a lot of money trying.
最近的頭條新聞表明,即便是防御最嚴(yán)密的計(jì)算機(jī)網(wǎng)絡(luò)也一樣漏洞百出。不過,每當(dāng)舊有的安全策略失去人們的信任,總會馬上冒出一批新公司,承諾拿出更好的辦法填補(bǔ)漏洞——或者至少在嘗試做到這一點(diǎn)的過程中大賺一筆。
The IT security market, worth some $65bn this year, is set to grow at 9 per cent annually for the foreseeable future, according to Gartner – which is a lot faster than the IT industry as a whole. Since large parts of the security market are barely growing, that leaves plenty of opportunity to cash in on new approaches.
高德納(Gartner)指出,IT安全市場今年規(guī)模達(dá)650億美元左右,在可預(yù)見的未來,年增長率將達(dá)9%,這比整個(gè)IT行業(yè)的增長快多了。由于安全市場的大部分都增長乏力,因此從開發(fā)新安全策略中獲利的空間巨大。
The dirty secret that the security professionals can no longer keep to themselves is that their old defences – which were aimed at protecting PCs and other devices that comprise the endpoints of computer networks – no longer work.
安全專業(yè)人士無法繼續(xù)秘而不宣的秘密是,他們傳統(tǒng)的防御策略不再奏效。這種策略旨在保護(hù)構(gòu)成計(jì)算機(jī)網(wǎng)絡(luò)終端的PC以及其他設(shè)備的安全。
Anti-virus software has proved ineffective against the most sophisticated attacks – and therefore the ones likely to cost most in terms of damage inflicted or intellectual property lost.
事實(shí)證明,在復(fù)雜的攻擊面前,反病毒軟件效果不佳。因此面對可能造成最嚴(yán)重破壞、或者導(dǎo)致知識產(chǎn)權(quán)損失的攻擊,它們也將無效。
Hopes for a fightback are now pinned on two very different approaches.
反擊的希望寄托在兩種截然不同的方式上。
One involves spotting so-called malware long before it reaches its intended targets. Companies such as Palo Alto Networks, one of last year’s hottest tech initial public offerings, and FireEye, tipped to follow it, specialise in appliances that sit at the gateway to corporate or government networks, looking out for such threats.
其一是在所謂的惡意軟件到達(dá)攻擊目標(biāo)之前,就將其辨認(rèn)出來。去年上市的最熱門科技公司之一Palo Alto Networks,以及緊隨其后的FireEye,專門生產(chǎn)這樣的防御軟件,軟件把守企業(yè)或者政府網(wǎng)絡(luò)的網(wǎng)關(guān),監(jiān)視此類威脅。
Pulling suspicious-looking email attachments and testing them in ringfenced “sandboxes” before allowing them to be delivered offers the promise of filtering out many of these malware threats, almost in real time, according to Asheem Chandna, a former security industry executive and now venture capital investor at Greylock.
安全行業(yè)前高管、現(xiàn)為Greylock風(fēng)險(xiǎn)投資家的阿西姆?錢德納(Asheem Chandna)表示,在郵件投遞之前,分離可疑的郵件附件,放在隔離的“沙盒”中測試,有望過濾掉大量此類惡意軟件的威脅,而且?guī)缀跏菍?shí)時(shí)的。
This may sound like a natural market for networking companies such as Cisco and Juniper. But, as so often in technology, start-ups have set the pace so far. With Palo Alto trading at 10 times revenues, some high-priced acquisitions seem likely as the industry giants add to their arsenal of defences.
這可能聽起來就是思科(Cisco)或瞻博網(wǎng)絡(luò)(Juniper)等網(wǎng)絡(luò)設(shè)備企業(yè)的天然市場。然而,在科技行業(yè),初創(chuàng)企業(yè)往往先行一步,引領(lǐng)趨勢。Palo Alto的市銷率已達(dá)10倍,隨著業(yè)界巨頭增添其安全領(lǐng)域的軍火庫,未來可能發(fā)生一些高價(jià)收購交易。
The second approach begins with an acceptance that even the best-secured networks will be penetrated. If the attackers are assumed to be already on the inside, then the focus shifts to identifying their tracks as they move around – while making sure a company’s most important digital assets are harder for the intruders to locate and extract.
第二種方法認(rèn)為,即便是防衛(wèi)最周密的網(wǎng)絡(luò)也會被滲透。如果假設(shè)攻擊者已經(jīng)進(jìn)入網(wǎng)絡(luò)內(nèi)部,那么重點(diǎn)就轉(zhuǎn)移到在攻擊者四處作亂之前找出他們的行蹤軌跡,同時(shí)保證企業(yè)最重要的數(shù)字資產(chǎn)更加難以被入侵者鎖定、竊取。
Latching on to another of the tech industry’s big promises, the security purveyors have discovered big data. Pattern recognition – using reams of data to identify normal types of behaviour on a network, in order to spot the anomalies – is becoming the order of the day.
科技行業(yè)還有一個(gè)宏大的承諾——大數(shù)據(jù),深諳這一點(diǎn)的安全企業(yè)已開始對之加以利用。模式識別正在提上議程。模式識別是指使用大量數(shù)據(jù)甄別出一個(gè)網(wǎng)絡(luò)中的正常行為模式,從而發(fā)現(xiàn)異常行為。
The result is what Francis deSouza, president of products and services at Symantec, calls “big intelligence” – in which a stronger situational awareness and a better sense of behavioural norms are the main lines of defence.
賽門鐵克(Symantec)產(chǎn)品與服務(wù)總裁弗朗西斯?德蘇扎(Francis deSouza)稱這種方法為“大情報(bào)”,即以對網(wǎng)絡(luò)情況和正常行為模式的更強(qiáng)把握構(gòu)成主要防御陣線。
Yet the big data promise can only go so far. The extent of the architectural shift in computing, as the client-server age gives way to the cloud, raises profound challenges to the old methods of securing data. The number and variety of computing endpoints is multiplying almost exponentially as mobile devices and, increasingly, machine-to-machine communications proliferate. A tide of data are starting to flow out of corporate networks to tap services that live in the cloud, turning the old defensive barriers into virtual Maginot Lines.
然而,大數(shù)據(jù)帶來的也就這么多了。隨著客戶端-服務(wù)器時(shí)代讓位于云端平臺,計(jì)算架構(gòu)的大規(guī)模轉(zhuǎn)移對保證數(shù)據(jù)安全的傳統(tǒng)方式提出了巨大挑戰(zhàn)。隨著移動設(shè)備以及越來越多的機(jī)器與機(jī)器之間通信量的激增,計(jì)算終端數(shù)量和類型幾乎呈幾何級數(shù)增長。潮水般的數(shù)據(jù)正開始從企業(yè)網(wǎng)絡(luò)流出,轉(zhuǎn)而利用云端服務(wù),使傳統(tǒng)的防御壁壘成了虛擬世界的馬其諾防線。
At least the security industry, accused alternately of alarmism and complacency, now has a more realistic way to talk to its customers. The big data promise is that, although the enemy is wily and will find ways to break in, the defenders have smarts of their own. They may sometimes lose this cat-and-mouse game, but at least there is a chance of minimising the damage. And, besides the improved rhetoric, there is another benefit to these new approaches: some of them might even work.
至少,總被指責(zé)聳人聽聞、自鳴得意的安全行業(yè),現(xiàn)在能夠更加實(shí)事求是地同客戶交談。在大數(shù)據(jù)的承諾下,即使敵人詭計(jì)多端,總能找到破門而入之道,防護(hù)者也有自己的應(yīng)對技巧。防護(hù)者有時(shí)可能會輸?shù)暨@場貓捉老鼠的博弈,但至少有機(jī)會把損失降至最低。這些新的策略不光聽起來更美好,還有另外的優(yōu)點(diǎn):其中有些還是有可能起作用的。
