With increasingly stringent compliance mandates, the explosion in virtualization interest and adoption, demands for audit reporting, and a spike in security breaches, 2009 has been a dynamic year for the IT security and compliance world.
As 2010 promises more of the same and then some, managing the changes to IT assets and systems that introduce dangerous security vulnerabilities into the IT environment will continue to be critical for organizations in ensuring the security and compliance of their IT infrastructures.
Here are Tripwire’s Top 5 predictions for what is in store for 2010:
1. Even though IT budgets promise to hold steady or decrease, more money will be wasted by enterprises this year on ineffective compliance efforts, for example PCI.
2. Log management will be the key to bringing security and operations together in 2010.
3. The devil will be in the details: segregation of duties, poorly documented and communicated IT policies, and failure to enforce rules with employees will be just a few of the “little’ things that will continue to play a large role in jeopardizing enterprise security.
4. It will not be “the year of the cloud’.
5. Despite the hype of increased social networking threats, misconfigured “stuff’ (ie, servers, firewalls, laptops, etc) will be the real threat for companies to watch out for.