The stealthy, low-distribution nature of targeted threats severely decreases the likelihood that security vendors will be able to create traditional detections to protect against them all. However, technologies such as Symantec’s SONAR, which detects threats based on their behavior, and reputation-based security, relies on the context of a threat rather than the content, turn the telling behavioral characteristics and low-distribution nature of these threats against them and make detection possible.
3 The Exponential Adoption of Smart Mobile Devices that Blur the Line Between Business and Personal Use Will Drive New IT Security Models.
With the consumerisation of IT, employees’ use of mobile devices, such as smartphones and tablets, to meet both business and personal connectivity needs is growing at an unprecedented pace. Analyst firm IDC estimates that by year’s end, new mobile device shipments will have increased by 55 percent and Gartner projects that in the same timeframe, 1.2 billion people will be using mobile phones capable of rich Web connectivity.
As devices continue to become more sophisticated and while just a handful of mobile platforms corner the market, it is inevitable that attackers will key in on mobile devices in 2011 and that mobile devices will become a leading source of confidential data loss. Since this proliferation of these gadgets shows no sign of slowing in the coming year, enterprises will gravitate to new security models to safeguard the sensitive data that will be on and accessible through these devices.
On top of that, as employees increasingly become more mobile and work-on-the-go, enterprises will also have to address the associated challenges by adopting new models, such as security in the Cloud, for suitable solutions that will work seamlessly across multiple platforms and devices. Expect IT managers to be forced by business necessity to implement more granular and refined Web security policies as well.
4 Regulatory Compliance Will Drive Adoption of Encryption Technologies More than Data
The explosion of mobile devices in the enterprise not only means organisations will face new challenges in keeping these devices and the sensitive data on them accessible and safe; they also must comply with various industry data protection and privacy regulations.
Despite regulations, many organisations do not currently disclose when mobile devices containing sensitive data are lost, as they do with laptops.
In fact, employees do not always report these lost devices to their organisations. This year, we expect that regulators will start cracking down on this issue and this will drive organisations to increasingly implement encryption technologies, particularly for mobile devices. Organisations will also take a more proactive approach to data protection with the adoption of encryption technology in order to meet compliance standards and avoid the heavy fines and damage to their brands a data breach
5 A New Frontier in Politically Motivated Attacks Will Emerge.
In the Symantec CIP study, more than half of all firms said they suspected or were pretty sure they had experienced an attack waged with a specific political goal in mind. In the past, these attacks primarily fell in the realm of cyber espionage or denial-of-service types of attacks against Web services. However, with Pandora’s Box now opened due to Stuxnet, expect to see these threats move beyond spy games and annoyances as malware is weaponised to cause real-world damage. Symantec thinks Stuxnet is possibly only the first highly visible indication of attempts at what some might call cyber warfare that have been happening for some time now. In 2011, more indications of the ongoing pursuit to control the digital arms race will come to light.
Sign up for Computerworld eNewsletters.