NEW YORK (
There is a significant change coming to endpoint security, with dramatic implications for how end users will be protected and what security companies must do to remain relevant and competitive. In fact, within 3-4 years, I expect endpoint security to change so much that it will hardly resemble the architecture we currently have in place. The changes will be mostly transparent to users, but will increase their level of protection, extend the umbrella across a much wider array of devices, and protect against a changing threat environment. So what will change?
First, "thick" clients (like current AV and Firewall SW suites) will be slimmed down dramatically, as a result of new platforms that are exposed but not as rich a target as current PCs (e.g., smart phones, tablets, Internet devices). Further, the "thick client" model is mostly broken, as security companies (e.g., McAfee (MFE), Symantec (SYMC), Trend Micro) are finding it increasingly difficult to keep up with an expanding array of malware threats without seriously impacting device performance.
Second, much of the defensive posture will move to the networks and the cloud, where most data delivered to end user devices will originate and where it will be scanned and secured. This means a good deal of the security footprint will be behind the scenes and often invisible to the end user, and with little device impact. Some security SW will remain loaded on the device, but its imprint will be substantially diminished and will provide only basic services.
Third, the network will become much more malware aware than it currently is, and include advanced threat detection based on packet sniffing, smart analysis of traffic, etc. Current network topology is basically designed as a server of bits, with no attempt to detect and correct threats. This posture will change to be much more proactive, particularly as more cloud-based services are employed (this will be driven home the first time a major cloud-based service provider is sued over a malware incident causing damage to a customer). Network-based security will become a key component from infrastructure vendors (e.g., Cisco (CSCO)).