IT security forecast 2010: Hope for the best and prepare for the worst

Lysa Myers

It's that time of year again. Time to recap the things which happened in the past year and give our predictions for what will happen in the future. Are you ready for prognostications of doom...and malware in our phones and our microwaves and cars? Or can we finally dispense with that tradition, once and for all?

There was a time when I was party to predicting a surge in malware on an ever-widening variety of platforms. It certainly made sense. We've seen viruses and trojans and exploits for every smartphone platform which has ever come and gone. There have been trojans for various gaming platforms (one for Nintendo, one for Sony's PlayStation) and we're finally seeing Mac malware with financial motive. So in a limited sense, some of those predictions were right.

However, in another sense, it doesn't really matter who's right or wrong, whether we're on track to a global cyber apocalypse. The cyber neighborhood you're in could be completely safe, but if someone determines your system to be an easy target, they can and will come after you alone. 

Conversely, you could be in the middle of a cyber “felony flats”, and if your system is well protected, they will likely go on to another, easier target.  

So here are my predictions for the next year:  

1.    Social engineering will still be king of vulnerabilities. Malware authors will use the latest juicy news and gossip to frighten or titillate people into running their wares.

2.    Malware authors will follow the money. If there is a platform that malware authors find lucrative, they will pursue it.

3.    Hackers will seek notoriety. There is cash and cachet to be found in finding vulnerabilities in software and platforms outside the most popular areas of attack. Expect that there will be proof-of-concept malware and maybe even something found in the wild.

4.    The best rules for security and risk assessment will still apply. Be smart about your passwords. Don't open email attachments you're not expecting. Downloading pirated software is a no-no. Malware authors and scam artists will try their darnedest to get in your face. This is all old hat. I'm sure you can recite it in your sleep.

In short, the best course of action is to continue preparing for the worst and hoping for the best. If you've got more “worst” than is acceptable in your situation and you don't know why, invest in some risk assessment tools or services and find out where it is getting in. If you already know where it is getting in, perhaps this is the year to try something radically different to fix it. Maybe that's new technology, maybe that's a new policy.