From a security standpoint, 2003 ended with a few events that I found notable. Several key companies consolidated: Check Point Software Technologies bought Zone Labs, Shavlik Technologies bought Gibraltar Software, VeriSign bought Guardent, and EMC bought VMware. Each acquisition will have a significant impact on the security market.

http://www.checkpoint.com/press/2003/zonelabs121503.html

http://www.shavlik.com/press_releases/nr gibraltar release final 12-16-03.pdf

http://verisign.com/corporate/news/2003/pr_20031217.html?sl=070807

http://www.emc.com/news/press_releases/viewUS.jsp?id=1970

Also of note are a couple of Microsoft events: On December 17, the company posted the beta version of its upcoming Service Pack 2 (SP2) for Windows XP on its Betaplace Web site (you must be a beta team member to access the Web site). The service pack promises to significantly improve the security of the XP OS. Microsoft also released a related document to help users deploy XP's Internet Connection Firewall (ICF) in enterprise network environments. You can read more about the latter in the related news story, "XP SP2 Beta: Deploying ICF," in this edition of the newsletter.

http://www.betaplace.com

So what's in store for 2004? Although that's anybody's guess, I can make a few reasonable predictions based on industry hot spots and sore spots. I'll bet we see some significant events centered on patch management, junk email, viruses and worms, and managed security services.

I could be wrong, but it seems to me that the volume of complaints about patch management is second only to the volume of complaints about the security of a given product. Patches are "good things"; however, applying patches in a given network environment isn't necessarily simple. Better tools are required. In 2004, I think we'll see both Microsoft and third-party patch solution vendors involved in some major development work in this area. I wouldn't be surprised to see Microsoft acquire a patch solution company in the next year or two.

New antispam laws are on the US law books now, and we know about two people who were recently charged with felonies for specific email abuses. We'll probably see more spammers criminally prosecuted in 2004, but the question remains whether such prosecutions will bring any real reduction of junk email. One effect of the new laws we probably will see is more spammers moving their operations offshore.

One of the biggest security problems we'll probably all face in 2004 is malicious users propagating major viruses and worms, perhaps even more severe than Blaster, Slammer, and SoBig. Such events will wreak havoc on users everywhere. However, one or two more major incidents will also put greater pressure on ISPs, both large and small, to step forward and help stem the flow in some long-term fashion. How could ISPs help? I don't know of any ISPs that require customers to maintain both firewalls and antivirus software. Perhaps ISPs will begin to make firewalls and antivirus software mandatory for all customers who expect to use connection services.

All of which leads me to another significant area for security in 2004 and beyond: managed security services. We'll surely see increased activity in managed security services as companies try to offset their expenses while reducing their level of risk and liability. As more companies move toward outsourcing their security needs through such services, security administrators will probably have to make changes to remain competitive in the workforce--whether they stay inside or move outside their current organizations. For example, they might take on additional responsibilities, such as more generalized network administration; move into business management positions or consulting; or seek employment at managed security services companies.

If you have additional ideas about elements of the security arena that seem ripe for major movement or change in 2004, I'd like to hear about them. Send me an email with your thoughts. In the meantime, I wish you all a happy and secure new year.