Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



10 Privacy Trends and Predictions for 2011

Social Media and Location-Based Technologies Top Concerns for 2011

As we approach December, predictions for what’s to come in 2011 are flowing in almost daily. Just last week several firms said threats targeting the fast growing smartphone and tablet markets topped lists of cyber concerns for 2011.

Social Media and Location-Based Technologies Top Concerns for 2011

As we approach December, predictions for what’s to come in 2011 are flowing in almost daily. Just last week several firms said threats targeting the fast growing smartphone and tablet markets topped lists of cyber concerns for 2011.

Called a “Master market timer and predictor” by CNBC, hedge fund manager Doug Kass of Seabreeze Partners Management made a bold prediction last week, predicting that a Cyber Attack Will Shut Down the NYSE in 2011.

Proofpoint, a provider of SaaS email security, email archiving and data loss prevention solutions says risks to consumers and companies will grow in the next year as a result of more personal information being put on the Internet, in consumer applications and stored in corporate databases. Proofpoint expects more organizations to create stronger privacy policies and turn to encryption, web filtering and secure managed file transfer. Despite these increased efforts, Proofpoint still has many concerns and predicts the following trends will dominate privacy discussions in 2011:

1. The privacy and confidentiality of location-based information will become a major concern for both consumers and corporations – With the rise in mobile GPS information, companies will have to protect both personally identifiable information (PII) of employees, customers and partners, and also create new policies for handling location-based information. Not only will real-time information about location be a vulnerability, but companies will have access to information about where people (or their devices) spend much of their time.

2. At least one major social media site will experience a major breach – According to Neilsen, nearly a quarter (22.7%) of all online time is spent social networking. With more people on social networks and more personal information available via those networks, the potential for exposure of that data is likely.

3. Stricter regulations will be passed worldwide – Privacy regulations in the healthcare, financial services and critical infrastructure industries like energy and telecommunications will likely see new regulations dictating what needs to be protected and what to do when data loss occurs.

Advertisement. Scroll to continue reading.

4. Expect a national data breach notification law – Notification laws like California’s SB 1386 exist in 46 of 50 states today. A federal law is imminent.

5. Blended threats will increase – While email is still the number one threat vector for personal information loss, threats from newer communications channels is increasing, especially in the form of blended threats where the target is first attacked through email, then directed to Web or social media.

6. At least one company will be prosecuted under the broad-reaching Massachusetts Privacy Law (201 CMR 17.00) – In March of this year, the Massachusetts Privacy Law went into effect, mandating that any company that “owns or licenses” personal information — whether stored in electronic or paper form — about Massachusetts residents must comply with its privacy requirements, including notification of breaches and encryption of stored or transmitted personal data. Although the state has yet to enforce the law, 2011 will likely be the year that companies begin seeing penalties. In addition, we may see more laws of this type passed in 2011. Nevada also has a similar law. To deal with these threats, the following additional trends will emerge among businesses:

7. Companies will move away from outright bans on social networks, IM or web mail to allowing those services, but applying stricter corporate policies on these new services as well as investing in secure web gateways to monitor use. New innovations such as Facebook mail give enterprises yet another good reason to put better policy and technology controls around the corporate email system.

8. More companies will create policy around acceptable use. Email leaks such as the recent Google corporate memo exposure are heightening awareness in companies that policies need to be created about what content is considered sensitive and enforce them both through technology and through training.

9. More companies will encrypt more data – Three factors are converging to make 2011 the year of encryption adoption. 1. More regulations today require encryption. 2. It’s become a best practice in many industries. 3. It’s easier to implement and less confusing for users. With processing power increasing and companies like Proofpoint innovating, encryption has become faster and easier to implement and use.

10. More interest in secure managed file transfer – Driven by privacy considerations and security flaws in FTP, more companies will be implementing reliable ways to send files securely. With data breach notification laws in place in nearly every state, companies cannot risk losing data through FTP security issues.

Some of these predictions, while interesting, seem quite obvious. For example, “More companies will encrypt more data” — This is a simple assumption to me, do we really expect companies that ARE encrypting data to stop encrypting or encrypt less? And of course more companies are going to START. Additionally, “More companies will create policy around acceptable use” — Again, quite obvious.

What are your thoughts and predictions for 2011?

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.