As online attackers grow bolder and more sophisticated, a new approach holds the promise of better security at the network level, with improved traffic monitoring, analysis and responses.
As hackers grow bolder, mounting ever more sophisticated cyberattacks aimed at stealing corporate and consumer data or disrupting services and systems, organizations of all sizes are coming to grips with the limitations of their network security.
As Morgan Stanley Research noted in its 2016 BluePaper, “Rethinking Security,” the traditional approach to cybersecurity focuses on simply keeping the bad actors out. What's needed now: a better way to track and analyze traffic within a network to quickly identify and shut down attacks already underway. “For the good guys running IT networks, this is essential because the bad guys are already there,” says Keith Weiss, head of U.S. software coverage.
We think the benefit of better security through software-defined networks will become the primary driver of networking spend.
Enter software-defined networks, also know as security-defined networks or SDN2. This strategy combines networking and security technologies to dramatically improve traffic monitoring, analysis and response throughout networks and across technology platforms. At the same time, SDN2 could save global enterprises $17 billion a year in reduced security breaches, representing a “killer app” that promises to boost networking spend—and at a time when growth through increased Web traffic is fading.
“We think the benefit of better security through software-defined networks will become the primary driver of networking spend,” says James Faucette, U.S. communications systems and payments analyst and lead author of the recent report, “SDN2: The Rise of Security-Defined Networking,” looking at the trend and what it means for companies, consumers and investors. Indeed, at least one major technology networking company has positioned itself to better leverage this new approach through acquisitions that improve traffic visibility, analytics and automation.
Most IT security solutions today take advantage of Moore's Law—that processing power per square inch on a computer chip doubles every two years. Yet, this creates its own challenges. “Networking attacks increasingly exploit better processing power multiplied by faster bandwidth to mount more effective attacks,” says Faucette. The solution is to integrate security into traditional networking, namely through better traffic-monitoring and automated responses. “When security-defined networking is fully implemented, we think it allows for the security stance to potentially benefit from both Moore's Law and increasing bandwidth, hence SDN2,” he adds.
This approach also allows IT managers to better aggregate security across different platforms, and segment security policies by application, user and user-case level. “Traditional network security architectures have focused on securing the perimeter, which by itself has proven ineffective in light of very stealthy malware, increasingly distributed environments and the rising role of insider threats,” says Faucette.
By focusing more on security, networking companies make a stronger case for customers to buy the newest products and services, especially at a time when software-defined networking alone has struggled to demonstrate a return on investment for many customers. Networking accounts for a small percent of IT budgets, but reducing the cost of security breaches by just 10% can save global enterprises an estimated $17 billion annually.
“With an improved return on investment from security use cases, we think SDN2 could fundamentally change networking spend from capacity-driven upgrade cycles to security-driven investment,” says Faucette. Meanwhile, Weiss notes that security budgets favor platform providers that can integrate the best technologies.
Given their reach, networking vendors are in a good position to provide key security improvements. However, this shift requires further software development to offer users increased visibility, analytics and response. Companies that can provide such integrated features stand to gain most in terms of security and networking budgets, driving earnings growth and multiple expansion. “For networking equipment companies, offering their customers the right level of scale will be key to deploying the benefits of SDN2,” says Faucette.
The advantages of shifting to SDN2 also applies to other tech network-based companies, in particular, providers of virtualization and cloud computing, notes Melissa Gorham, who covers small and midsized enterprise software security companies. Both of these categories essentially offer their customers a way to leave behind expensive and antiquated hardware and software technology by virtualizing their hardware and/or accessing essential software in the cloud.
In general, more corporations are planning to spend less on their older tech infrastructure, and more on virtualization and cloud computing over the long run, Gorham says. Making sure that SDN2 is part of the package helps to justify increased spending in these new categories.
For more Morgan Stanley Research on the ramifications of cybersecurity's evolution, ask your Morgan Stanley representative or Financial Advisor for the full report, “SDN2: The Rise of Security-Defined Networking,” (May 15, 2017) or the BluePaper “Cybersecurity: Rethinking Security" (Apr 5, 2016). Plus, more Ideas.