Here we are on the edge of another year and it is the time of year when the predictions start.
Everyone has an opinion on what could be around the corner, some are based on extensive research and market trends, and some are based on customer expectations and experience.
Rather than bore you with my predictions I thought I would extract the predictions of several leading vendors and consultants and put them into one single post.
The plan is to use a range of industry specialisations, for example Anti-Virus and Authentication, and run them side by side for an easy comparison and to see if there is a trend in the predicted trends.
The 7 specialist predictors are from the organisations listed below
- Confident Technologies
- Trend Micro
Other opinions and predictions are available and the full predictions of the specific organisation are within the links and the end of each prediction.
Top 5 Authentication Predictions for 2012 from Confident Technologies
- BYOMD (bring your own mobile device) will spell big trouble for businesses in terms of data loss in 2012.
- There will be a large data breach (reminiscent of the Sony online gaming breach of 2011) which will finally cause organizations across many industries to realize they cannot rely solely on passwords to protect user accounts.
- Targeted Variations of Zeus-in-the-Mobile style attacks will grow
- Smart devices enable smart authentication: image-based authentication, biometrics and more.
- Retailers and mobile payment providers will lead the adoption of new mobile authentication techniques in 2012
Find the Confident Technologies predictions here.
Cryptzone predicts Trends for 2012
Cryptzone, the IT Threat mitigation experts, announced its 8 key predictions for the top security trends for the coming year.
- Targeted Attacks
- Bring Your Own Device (BYOD)
- Greater Security for Production Systems
- Intranets on the iPAD
- Incident Response Management
- Context Awareness for Access Rights
- Content Security verses Hardware Security
- Shortened Product Development Lifecycles
Peter Davin, CEO of Cryptzone, comments “Employees are now demanding to use their own devices for work with security as a prerequisite. On the other side, hackers have become more sophisticated in whom they target, opting away from indiscriminate strikes. 2012 will see these trends develop even further.”
Find Cryptzone’s predictions here.
Deloitte’s Top five security threats in 2012
- Mobile devices (34%)
- Security breaches involving third parties (25%)
- Employee errors and omissions (20%)
- Faster adoption of emerging technologies (18%)
- Employee abuse of IT systems and information (17%)
Find Deloitte’s predictions here.
Trend Micro 2012 Threat Predictions:
Attacks Take on More Sophistication in the Post-PC, BYOD Era Trend Micro’s “12 Threat Predictions for 2012” include:
- The real challenge for data center owners will be the increasing complexities of securing physical, virtual, and cloud-based systems
- Security and data breach incidents in 2012 will force companies worldwide to face BYOD (Bring-Your-Own-Device) related challenges
- Security vulnerabilities will be found in legitimate mobile apps, making data extraction easier for cybercriminals
- More hacker groups will pose a bigger threat to organizations that protect highly sensitive data
- The new social networking generation will redefine “privacy.”
- Supporting assets
Find Trend Micro’s predictions here.
Lancope Announces Top Five Security Predictions for 2012
Lancope, Inc., a leader in flow-based security, network and application performance monitoring, unveiled its top five security predictions for 2012.
- Advanced persistent threats (APTs) will become more predominant
- Insider threats will grow
- Industrialized attacks will remain stable
- Employee misuse and abuse will create steady risk
- Fully automated attacks will trend down
“If 2011 taught us anything, it’s that the targeted, highly motivated attacker is real. Tomorrow’s threat landscape requires a new level of preparation when it comes to security,” said Adam Powers, chief technology officer at Lancope.
Find Lancope’s predictions here.
Varonis gives its top predictions for Data Governance in 2012
Varonis Systems Inc., the leading provider of comprehensive data governance software announced its top-level predictions for the Data Governance field in 2012.
- Secure Collaboration Goes Viral in 2012. It will be the year data owners take back access control decisions from IT, and demand automation to analyze data, make better decisions, and eliminate costly, ineffective manual processes
- Big data analytics will expand its focus to the biggest data of al unstructured information sitting on file servers, NAS devices, and in email systems
- We will see some IT departments taking drastic measures, such as shutting down “at risk” servers or access to e-mail if the proper audit trails are not in place
- Internal threats will still be a major worry for corporates in 2012 despite the demise of Wiki Leaks
David Gibson, Director of Technical Marketing and Strategic Sales at Varonis said: “When it comes to data loss, threats from inside the organization have become as worrisome, if not more so, than those from outside. In many of the security breaches in 2011, employees or contractors were able to delete or download thousands of files without raising concerns because often no one was able to determine what sensitive data they had access to and secure it before information could be stolen, view an audit trail of what they actually did access after the fact, and certainly not hear any alarms go off while the breach was in progress, when access activity was unusual. Corporates will have to address this issue properly in 2012.”
Find Varonis’s predictions here.
WatchGuard Unveils Top 10 Security Predictions for 2012
WatchGuard Technologies’ security analysts provide their 2012 security predictions
- A major cloud provider will suffer a significant security breach. Cloud Computing brings chance of malware-storms
- Organized criminals will leverage Advanced Malware techniques in targeted attacks against businesses
- The barrage of noteworthy data breaches continues through 2012
- Increased reliance on virtualization reawakens need for virtual security. Unprotected virtual machines make bad neighbors
- Smartphone app stores and marketplaces help proliferate mobile malware in the real world
- Adoption of BYOD and IT self-service results in more data loss. Bring your own device means clean your own infections
- As the top vector for social engineering and malware, Facebook is forced to increase its security. In 2012 WatchGuard forecasts Facebook-based attacks will increase and Facebook will be forced to sit up and take notice. Specifically, Facebook will implement new security solutions on their site to avoid losing fed-up users
- Attackers launch a digital attack that affects physical infrastructure or equipment. My power plant got a virus infection. Expect at least one digital attack in 2012 to cause a significant repercussion to a physical infrastructure system
- Location aware malware customizes its attacks. Spyware knows where you live
- HTML5 offers five times the ways to hijack your website. New web technologies like HTML5 fuel the growth for next year’s web application attacks
“2012 stands to be a dynamic year for network security as criminals and hackers take threats to new levels,” said Eric Aarrestad, Vice President at WatchGuard Technologies. “Given how new threats are constantly evolving, WatchGuard remains ever vigilant in staying one step ahead of these threats, which gives our customers unparalleled protection for their networks, applications and data.”
Find WatchGuard predictions here.
It appears the common theme is “mobile” as the biggest threat, whether the device is employee owned or not. Similarly they agree that the bad guys will continue to focus of target attacks.
Let’s just hope that 2012 is a more secure year that 2011.