CoreTrace released their top security predictions for 2011.
“The major theme for 2011 will be evolution. The evolution of attacks like Stuxnet, the evolution of new platforms like iOS and most importantly, an evolution in the tools we use to secure our systems,” said Toney Jennings, CEO of CoreTrace.
Blended threats like Stuxnet will become the norm. Stuxnet clones will be rampant, but the real threats will be far more dangerous and sophisticated.
Stuxnet clones will be rampant in 2011, but the real threats will be far more dangerous and sophisticated. Stuxnet was too public, too easily discovered and reverse engineered. From my days in the trenches at the Air Force Information Warfare Center, I feel it in my bones that Stuxnet was a “grenade” and that there are digital bombs out there that are far more powerful and dangerous.
New combinations of endpoint security and control solutions come to light.
Worlds will collide in 2011, as new combinations of previously separate, and sometimes even competitive, endpoint security and control solutions emerge. Endpoint protection suites will increasingly overlap with PC lifecycle management offerings, with companies in the latter category moving further into security via a series of often-surprising acquisitions. Anti-malware solutions will include both blacklisting and application whitelisting, with battle lines drawn around the roles that each technology will play in an effective solution.
Security for virtual environments will become increasingly competitive; performance impact will be a primary differentiator.
Similar to mobile devices and the Mac operating system, virtual desktops and servers will need protection from targeted attacks in 2011. In addition to anti-malware efficacy, IT teams will select solutions for performance reasons: the lower the performance impact of scans, the more virtual machines per system.
The “Advanced Persistent Threat” term will be expanded to include adversaries targeting organizations outside the federal government.
Years ago, my Air Force colleagues coined the term, “Advanced Persistent Threat” (APT) to describe sophisticated, foreign state-sponsored cyber attacks against the United States. Vendors will continue to abuse the APT term for marketing purposes and the APT term will be expanded to include well-funded adversaries targeting companies and individuals outside the federal government.