The evolution of internet security has been marked by significant changes over three decades, with a focus on understanding data patterns and mental models for security.
Data from the 1980s shows that internet growth was exponential, maintaining an invariant growth rate of approximately 80% per year.
The emergence of the modern worm era, marked by the Code Red worm in 2001, drastically increased scanning activity by orders of magnitude, fundamentally altering security dynamics.
Analysis of network traffic indicates that while overall connections per day grew significantly, the growth rate has varied, with recent years showing a decline in the rate of increase.
The rise of encryption is a critical trend, with TLS connections dominating, though the adoption of newer protocols like TLS 1.3 is gradual, reflecting challenges in enterprise deployment.
Despite the growth of encrypted protocols, a substantial amount of HTTP traffic remains, indicating that not all communications have transitioned to secure methods.
The analysis of scanning patterns reveals both steady growth and abrupt spikes in activity, often driven by malicious actors leveraging vulnerabilities.
The data highlights the challenges enterprises face in adopting modern security technologies, such as encrypted SMB, which remains underutilized despite its advantages.
IPv6 adoption in enterprise environments is minimal, with little progress observed over time, suggesting a slow transition to newer networking standards.
The presentation emphasizes the complexity of tracking technological advancements and attacker evolution, underscoring the need for continuous data analysis to understand security trends effectively.
1 comment
[ 2.0 ms ] story [ 8.7 ms ] threadThe evolution of internet security has been marked by significant changes over three decades, with a focus on understanding data patterns and mental models for security.
Data from the 1980s shows that internet growth was exponential, maintaining an invariant growth rate of approximately 80% per year.
The emergence of the modern worm era, marked by the Code Red worm in 2001, drastically increased scanning activity by orders of magnitude, fundamentally altering security dynamics.
Analysis of network traffic indicates that while overall connections per day grew significantly, the growth rate has varied, with recent years showing a decline in the rate of increase.
The rise of encryption is a critical trend, with TLS connections dominating, though the adoption of newer protocols like TLS 1.3 is gradual, reflecting challenges in enterprise deployment.
Despite the growth of encrypted protocols, a substantial amount of HTTP traffic remains, indicating that not all communications have transitioned to secure methods.
The analysis of scanning patterns reveals both steady growth and abrupt spikes in activity, often driven by malicious actors leveraging vulnerabilities.
The data highlights the challenges enterprises face in adopting modern security technologies, such as encrypted SMB, which remains underutilized despite its advantages.
IPv6 adoption in enterprise environments is minimal, with little progress observed over time, suggesting a slow transition to newer networking standards.
The presentation emphasizes the complexity of tracking technological advancements and attacker evolution, underscoring the need for continuous data analysis to understand security trends effectively.