Will 2019 be the year there is a big push for consolidation between open source and cybersecurity?
Yes, said Sanjay Beri, CEO of Netskope, in an email comment. IBM’s acquisition of Red Hat could prove to be the game changer in how organizations approach security. Beri added:
In 2019, smaller security vendors will be snapped up because of several factors – for talent/acquihire purposes, for a company’s underlying technology, to boost sagging toplines of legacy security or networking vendors trying to modernize themselves, and more.
Also, expect open source to re-energize stagnant security systems at the enterprise level. They might actually see open source as an alternative to the legacy architecture that isn’t keeping up with today’s threats.
Albert Ziegler, data scientist at Semmle, reached out to me with two interesting takes on how open source will be a cybersecurity driver this coming year. First, he said, code quality will be tied to security, and this is tied back to Beri’s thoughts of how acquisitions of smaller companies will play out:
Developers have long realized that open source logically can make code more secure, simply because more people are analyzing the code. For example, Microsoft’s acquisition of GitHub this year portended its status as the world’s largest contributor to open source projects on GitHub, a strong indicator that the world’s most influential companies value code quality. This critical mass will take hold in 2019, and more companies will embrace open source to improve quality of their code.
Second, Ziegler predicted that we’ll see a rise in developer awareness of security. In his conversations with developers, he has noted the increase in conversation about cybersecurity and vulnerabilities in code development. Awareness in this area is a good thing, but awareness doesn’t equal a problem solved. New vulnerabilities continue to be introduced at a higher volume than old vulnerabilities are fixed. Hopefully, as the developers are more aware about vulnerabilities, they’ll be able to address problems before they become serious risks.
Finally, with all of these acquisitions and open source becoming a more important player in security, expect enterprise to develop stronger open source policies, according to Juniper Networks’ VP of Enterprise and Cloud Marketing, Michael Bushong. The policies will cover procurement practices to supply chain.
I’ve been writing about security predictions for a long time, and this is the first I recall open source mentioned in such significant ways. We’ll see if these acquisitions and enterprise turning to open source to address security ends up as a trend in 2019.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba