It’s that time of year again! Time for the 2012 predictions – and the security industry is chock-full of them. They’ve all been written before, but we thought we’d highlight a few of our favorites, and of course, we couldn’t resist tossing a few of our own into the mix. Do you agree, disagree or have your own security predictions to share? Leave us a comment and let us know what you think.
1. An At-Risk Society
It’s probably safe to bet that the majority of Americans today check their smart phones before going to sleep each night, and then again before jumping out of bed to face the new day. As our daily lives become increasingly and inextricably linked to technology, the associated risks for individuals – and our society as a whole – are also growing. We’re seeing more and more headlines on targeted attacks threatening the very pillars of our society – from threats against our electronic voting systems to attackers remotely opening prison cell doors to aid and abet prisoners – and expect to see more in the year ahead.
2. Cyber Defense: A Joint Effort
Public and private collaboration to defend against cyber attacks will continue to increase, as evidenced by newly proposed legislation that would enable information sharing between the government and companies. According to Wall Street Journal’s John Bussey, “We may be closer than ever to a battle plan that finally links the arsenals of the U.S. government with the serious needs of business in the fight against global cyber hacking.” This proposed legislation is certainly an important step in building out the global intelligence layer. However, it’s critical that enterprise organizations do not wait for government aid to become reality before taking action to defend their own IT environments. Organizations must learn to approach network security in a completely different way.
3. Cyber Attacks – Moving Beyond the Enterprise
In 2011, we began to see more cyber attacks targeting small businesses – and unfortunately, can expect to see this trend grow in the year ahead. Focusing attacks on small businesses is a logical choice for many cyber criminals, USA Today’s Byron Achohido recently reported, as they often don’t have the resources to fend off even the most basic of attacks. In the year ahead, small businesses will increasingly seek ways to mitigate malicious attacks – and the market must be prepared to respond by offering scalable, cost-effective solutions.
4. 2012: Time for a New Approach
Organizations are coming to terms with the indisputable fact that perimeter defenses are no longer enough to protect against today’s sophisticated cyber threats. Motivated attackers WILL find a way to penetrate layered defenses, getting beyond the “front door” and into the “house”. But today’s advanced cyber attacks take place over a period of time and have multiple, distinct phases – attackers know exactly what they want and are willing to be patient. In most cases, there is plenty of time, from the initial breach of the “front door” to the exfiltration of sensitive data and intellectual property, to take proactive steps to stop or minimize the impact of the attack. By facing this new reality, industry focus will shift from preventing hypothetical breaches to responding to inevitable attacks – by monitoring, gathering and acting on real-time, local intelligence.
5. Increased M&A in Cyber Security
Growing cyber threats will continue to drive sharp increases in cyber security M&A activity in 2012. According to a new Cyber M&A report from PricewaterhouseCoopers, global spending on cyber security deals is expected to grow approximately 10 percent every year for the next three to five years. According to the report, deal values have increased six-fold in 2011 alone, with the U.S. accounting for more than half of all M&A activity. Many large enterprises today are finding themselves behind the curve when it comes to effectively mitigating risk and protecting against advanced cyber threats, causing many to scramble to either build new solutions to address them – or, more oftentimes, acquire businesses that can address current and emerging issues.
6. BYOD Nightmares
Of course, we couldn’t write about 2012 security predictions without mentioning mobile. Today’s “bring-your-own-device” craze has opened Pandora’s Box – ushering in a new wave of enterprise security challenges. Ellen Messmer of Network World predicts that the rapid adoption of mobile devices will be a “huge disruptive force” in the year ahead, as “known malware samples for the new generation of devices are now starting to pile up, especially for Android.” We can expect to see a surge in attacks targeting – and taking over – employees’ personal devices to wreak havoc on their organizations.