A report released today by Imperva, a provider of data security solutions, shares predictions on what we could expect to see in 2011 and is designed to inform and help IT security professionals defend their organization against the next onslaught of cyber security threats.
Imperva’s research team predicts IT security professionals will see the following in 2011:
• State-sponsored attacks, like the Stuxnet worm, will build on concepts and techniques from the commercial hacker industry to create more powerful Advanced Persistent Threats (APT).
• Greater transparency around insider security breaches and increased incident reporting as a result of new regulations covering the act of notification and disclosure.
• Increase in Man-in-the-Browser (MitB) Attacks will create growing concern for online service providers who must be able to serve and protect customers infected with some form of malware.
• Social network security measures will increase among prominent social networks and tools, placing greater emphasis on security over privacy as threat intelligence improves.
• Emphasis on file security in anticipation of data breaches where compromised data is in the form of files rather than database records.
• Compromised mobile devices resulting in data theft or loss as a result of lagging security measures such as identification and authentication and the spread of mobile malware.
• Cloud-based application and data security technologies will appear as a late reaction to the move of many applications and data stores to cloud technologies.
• Information security becomes a business process as CISOs and security professionals seek to better protect data as it flows through enterprise systems.
• Hacking industry will consolidate as amateurs are shut down and mergers among larger, organized groups takes place.
• Convergence of data security and privacy regulation worldwide and the emergence of a common framework as global businesses struggle to meet multiple, complex mandates.
The report, compiled by Imperva’s Application Defense Center (ADC) is based on analysis of incident and vulnerability data from the past year as well as findings from the company’s Hacker Intelligence Initiative and field work with enterprise customers.
“The threat landscape will evolve in many directions, making data security more challenging than ever,” said Imperva CTO Amichai Schulman. “The biggest potential impact will be caused by the proliferation of sophisticated mobile devices interacting with corporate networks. I believe that next year will bring the first major data breaches as a result of compromised devices. Additionally, the evolution of Advanced Persistent Threat techniques will become an even greater threat to organizations as states leverage these tools for their own political and financial gain.”
In a report released last week by WebSense, researchers are saying that the latest tactics have moved to a political — and nationalistic – stage, and that 2011 will bring blended threats and data loss over the Web that demonstrate the potential for targeted cyberterrorism attacks.
A full copy of the Imperva report is available here (registration required) – https://www.imperva.com/lg/lgw.asp?pid=425
Related Reading: China’s Cyber Threat Growing
Related Reading: Defense Department’s Cyberwar Credibility Gap