Posted by Tom Foremski - March 22, 2012
By Paul Lipman, CEO, Total Defense
As the industry prepares for the release of Windows 8 toward the end of this year, just about every security company is wondering how they will be affected and how the general security landscape may change.
Windows 8 is expected to offer some compelling new security enhancements that have the ability to significantly reduce exposure to digital attacks, and while I believe this is a step in the right direction, fundamental issues still remain with the underlying architecture, leaving the potential for vulnerabilities to be exposed and exploited.
One major shift with Windows 8 is Microsoft's move toward the "App Paradigm" and the ability to provide sandboxing features that isolate one program from the others, as well as requiring permissions to be explicitly defined up front.
This shift gives Microsoft the ability to further restrict what software is allowed to run by limiting what is distributed via the new Windows 8 Marketplace and requiring apps to pass Microsoft's certification criteria prior to being made available for download.
This is a significant move toward appliance architecture, and one that has the potential to bring great reliability and greater security to the market.
The gateway to devices will be the applications they run and in turn, the vulnerabilities that exist within those applications that can potentially be exploited. Anti-malware vendors will need to retool their focus with an emphasis on evaluating the security exposure of certified apps through intense vulnerability analysis.
Additionally, I see a need to offer granular, independent guidance as to the value and integrity of certified apps.
This is a move back to the "Spyware Paradigm" where a major concern will be about what data is collected, how that data is being used, or if there is adult content and/or suggestive language within the app that a parent wouldn't want their child to see. Truly focusing on the applications that are allowed to run within the Windows 8 platform will be a paradigm shift for some vendors.
Another change in the Windows 8 platform is the inclusion of Windows Defender. The industry has had a mixed reaction to this, which purports Windows Defender will become a full-fledged anti-malware solution, including worms, viruses, bots and rootkits.
However, I recall the death knell being sounded for the anti-spyware industry when Microsoft bundled anti-spyware technology into Windows Vista. But rather than kill the market, the anti-spyware category actually expanded after Vista's release as a result of pent-up demand for PCs.
The reality is that a monolithic approach to security represents a security vulnerability in and of itself. If everyone in the world runs the same security software this only serves to create a bright, shining target for malware writers and cybercriminals to attack.
Cybercrime is one of the fastest growing industries in the world and changes at a frightening pace. Gartner predicts the financial impact of cybercrime will grow 10 percent each year through 2016, a direct correlation to the continuing discovery of new vulnerabilities.
Malware comes in all shapes and sizes and financially motivated attackers will always look for new and innovative attack paths to exploit the constantly changing technology landscape.
Ultimately, all efforts to improve the underlying security of the OS landscape are steps in the right direction, but both businesses and individuals shouldn't rely solely on the promises of Windows 8 when it comes to security.
Windows 8 will no doubt change the complexion of the industry, but there will always be a vibrant market for independent, specialized security vendors that can address the ever-changing and expanding need to stay secure.