I am finding that there is cloud talk everywhere , even OS developers like Apple , Microsoft, Ubuntu and many more are bringing things to the people and saying things like private cloud or public cloud etc..
Already virtualization is gaining pace in the market and Cisco is also heading towards it quite rapidly..... so my question is ...what will happen to companies who are non IT or just enterprise .... how about local ASA , PIX , IPS , MARS or other devices that are with the enterprise...
I am sure my subject title says the same , please do comment and let us discuss this here more broadly and in a greater clarity.
Cisco likes to sell hardware. Hackers love to have a single organisation to infiltrate. Do not worry too much about security moving to the cloud. No financial insitute would ever risk it. It is OK for mama's and papa's stores.
A basic security element is trust. In order for one to feel that the cloud gives security, they have to trust the cloud provider. As Conwyn stated, the cloud may be ok for some, but not all.
I think the work just changes to meet the immediate design. There is plenty of consulting work to go around. Some organizations will be less likely to embrace the cloud. Some organizations will need due diligence with their cloud providers. In addition, we are having to design connectivity to cloud providers (for example a vpn to amazon virtual private cloud). Others will be on the bleeding edge, get burned because of the lack of due diligence and move their systems back in-house. In the end, we will have a complex mish-mash of in-house and out-sourced solutions that will keep us all busy. We've been in these cycles as long as I've been in technology. This is just one of them. Just my opinion though.
Not sure regulatory compliance allows either corporates or enterprises to absolve themselves completely from their security responsibilities, even if they do out-task certain aspects to the cloud.
Have come across a few online articles of late that have highlighted the shortage of security professionals and security devices that are no longer fit for purpose (incidently both MARS and PIX are EoL), which could be argued builds the case for SECaaS, as there are plenty of highly reputable Managed Security Service Providers (MSSPs) around.
I think you'll find the Cloud becomes an extension of many networks as they exist today. The Cloud is more of an evolution of technologies and concepts than a revolution, if you look at the progression and trends of the past 5 years.
With that said, security is still security. You will still need security architects that fully grasp the implications of cloud technologies and how their vendor provides the service. They will need to be able to integrate the Cloud into the existing network in concert with the overall Architecture, in such a way that meets their current security needs. Often times a new security architecture may be borne out of this integration, or at the very least, growth and addition to the current security architecture.