.

Top Security Predictions for 2010

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Jan 04, 2010 1:44 pm

Top Security Predictions for 2010

Nice opinion piece by Andreas M. Antonopoulos on InfoWorld.com:


Security funding increases, mobile security worsens, and security in the cloud expands -- see what else is in store for 2010

1. Security funding increases by more than 10 percent to recover from a year of cuts. Our research shows that security is one of the areas least likely to suffer severe funding cuts. However, given escalating threats, a flat security budget in 2009 may have been a step back for companies. Expect an attempt to make up for 2009.

2. Congress creates new regulatory compliance mandates. Enron gave us the Sarbanes-Oxley Act (SOX). What will 100x Enron give us? The math of compliance is shocking because it represents "assymetric warfare". A few sentences of legislation (SOX section 404?) can lead to billions in spending. The financial meltdown of 2008 to 2009 will lead to extensive and very costly regulation, in financial services and beyond.

3. Self-propagating mobile phone worms and Trojans. Mobile security will get slightly worse as the proliferation of applications and smart devices broadens the attack surface. While we've seen worms on iPhone, they have not been self-propagating, depending on PCs to spread. Expect to see true self-propagating threats on iPhone and Android systems in 2010.

4. Cloud computing providers introduce encryption-at-rest and other security capabilities "as a service". With security as one of the main impediments to cloud adoption, expect to see encryption, VPN, intrusion-protection systems and other security capabilities offered as a per-hour billable service. Amazon's Virtual Private Cloud is just the beginning. This could become a key area of competition in 2010.

5. Security in the cloud expands with new services. In addition to cloud computing, managed security services (security in the cloud) will also expand. Expect to see data-leak prevention, encryption, directory and authentication services provided by MSSP in addition to the old staples of antispam, antimalware and firewall



For the other 5:
http://www.infoworld.com/t/business/top ... s-2010-523

Don
CISSP, MCSE, CSTA, Security+ SME
<<

pizza1337

Full Member
Full Member

Posts: 156

Joined: Mon Mar 08, 2010 5:29 pm

Post Thu Mar 11, 2010 4:47 pm

Re: Top Security Predictions for 2010

Interesting.
Here is what i think.
More bots
More DDoS attacks
Cyberwars
More scarewares (my schools AV fails, its lightspeed systems antivirus.)


this is interesting. now they are going after medical records.
http://www.redspin.com/blog/2010/03/03/ ... dit-cards/
Knowledge Resource is Power.
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Thu Mar 11, 2010 5:05 pm

Re: Top Security Predictions for 2010

I am digging the increasing budget aspect :)
~~~~~~~~~~~~~~
Ketchup
<<

KamiCrazy

Jr. Member
Jr. Member

Posts: 78

Joined: Wed Jun 17, 2009 8:40 pm

Post Thu Mar 11, 2010 7:13 pm

Re: Top Security Predictions for 2010

I think breaking out of virtualisation and attacking the hypervisor is going to gain momentum as more and more companies turn to virtualisation to solve IT issues.

You could think of it as another form of priviledge escalation.

I think that VOIP networks are going to see an increase in attacks (if you are subscribed to CANVAS you will have seen some of the latest modules to do such a thing).
Why? because you can do a lot with it. The immediate one is monetary gain. Racking up phone charges on the victim's account to your billed account.
<<

j0rDy

User avatar

Hero Member
Hero Member

Posts: 591

Joined: Tue Feb 23, 2010 4:55 am

Location: Netherlands

Post Fri Mar 12, 2010 4:48 am

Re: Top Security Predictions for 2010

KamiCrazy wrote:I think breaking out of virtualisation and attacking the hypervisor is going to gain momentum as more and more companies turn to virtualisation to solve IT issues.


amen to that. vmware hacking will be hot! then again i also think 2010 will be the year of ZeuS:

http://blogs.technet.com/mmpc/archive/2010/03/11/got-zbot.aspx
CISSP, CEH, ECSA, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net

Return to Opinions

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software