TANGLED WEB

December 2011

The Threat Landscape for Small-to-Medium Sized Businesses in 2012

Up next in our security predictions series is Austin-based Quarri. VP of Marketing Laurie Coffin discusses the threats SMBs may face in 2012.

Quarri's VP of Marketing, Laurie Coffin

Today’s threat landscape is constantly evolving and 2011 has been a year many won’t soon forget after some of the biggest companies in the world disclosed breaches to critical data residing on their networks.

And it’s not just the big companies being targeted any longer. Small-to-medium sized businesses are increasingly being targeted. They are typically focused on growing their business, and as a result, rarely have a full IT staff that can effectively manage the information security of the entire organization, especially as it relates to data protection. These issues are compounded when you consider the use of mobile devices, growth in cloud computing and Consumerization of IT, also known as the ‘Bring Your Own Device’ phenomenon.

Cybercriminals also have a treasure trove of proprietary consumer information available in a few short clicks via social networking sites like Facebook, LinkedIn and Twitter. Spear phishing campaigns, “likejacking” on Facebook and shortened URLs are just some of the techniques we’ve seen over the past year and we can expect these approaches to get more sophisticated as we enter 2012.

To avoid becoming the next data breach headline, organizations of all sizes need to remember that the end user is one of the weakest links when it comes to information security. And not all attacks are external; a malicious or careless employee can cause significant damage to an organization if security precautions are not in place to prevent replication of your confidential information.

In 2012, vigilance is important as attacks to networks and mobile devices will grow in number and sophistication.
 

Tags: 2012, breach, cyberattack, it security, mobile, predictions, Quarri, SMBs

Posted by Bill Keeler on December 19, 2011 at 2:05 PM

I'm Dreaming of a White 2012 Security Landscape

Monday's 2012 prediction post is a look at the year ahead from Mike Paquette, IT security thought-leader and Corero Network Security’s chief strategy officer.

Chief Strategy Officer Mike Paquette, Corero Network Security

While waiting for our 2nd New England snowfall of this season, I’ve given a little thought to a couple of trends that I’ve been starting to hear about as I deliver network-security presentations around the US.  As background, it seems likely that in 2012, IT security issues, such as data breaches and DDoS attacks, will permeate mainstream media with increased attention on DDoS attacks as a means of crime, protest and political activism.

IT professionals will continue to maintain a “healthy paranoia” regarding the threats posed to their organizations by cyber-attacks of one form or another. Amongst IT Security professionals who focus specifically on cyber threats, we may see attitudes migrating from “healthy paranoia” to “siege mentality,” as targeted cyber-attacks continue to assault organizations’ IT infrastructure, customer data, intellectual property and employee information. I think we’ll see a couple of interesting trends amongst IT security pros in 2012.

The Move toward Application Whitelisting

Application Whitelisting will gain traction in 2012 as a tool for managing risks associated with end-point malware. While not a new technology, adoption of restrictions on which files can execute on an endpoint device (desktop, laptop, tablet or Smartphone) will become more common.

The concept of application whitelisting promises virtually malware-free computing environments, but comes at a cost of inflexibility and would seem to fly in the face of the Web 2.0 usage model. In practice, several vendors have developed software solutions that utilize an application whitelist, but still allow flexible and Web 2.0-enabled Internet use. A nice article including a vendor list can be found on the SANS Reading Room.

The Shift to Whitelisting the Internet

Traditional approaches to promoting safe Internet browsing involve characterizing the “bad sites” on the Internet, either through content categorizing (rating sites for hate, porn, gambling, games, shopping, etc.) or IP Address reputation (rating IP addresses based on whether they have been observed hosting malware, being associated with phishing attacks, or participating in Botnets), and then blocking attempts to visit web sites that are listed on these blacklists.

In 2012, we will see the start of a trend toward whitelisting the Internet. That is, limiting Internet access of an organization’s members to “highly trusted” web sites. You’ll notice that I did not say “known to be good” web sites, since it is common today that web sites of legitimate organizations are often compromised or infected without the site owner’s knowledge.

The challenge with this approach is even more obvious than with the application whitelisting: How do you get a reliable whitelist of URLs while still allowing even basic use of the Internet, including search engines?

Early adopters of this technology will implement what might be called “whitelist-augmented” web access policies, usually in conjunction with other technologies such as Google’s Safe Browsing service, to allow basic search engine functionality. There is no doubt that using these approaches will cause disruption amongst the user base, as it may radically restrict Internet access.

The good news is that this kind of whitelisting shrinks the aperture through which malware can infect an organization’s computers and can indeed assist employers with managing productivity.

The bad news is that this technique will not eliminate the need to continue to use other defensive technologies like end-point anti-malware and network intrusion prevention technology.  

How about a show of hands – anyone you know going to attempt this in 2012?

 

Tags: 2012 predictions, breach, Corero, DDoS, it security, malware, mobile, security, whitelisting

Posted by Bill Keeler on December 15, 2011 at 2:00 PM
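
An added sketch (not code from the original post or from any vendor) of the decision logic behind the “whitelist-augmented” web access policy described in the post above: default-deny, with trusted domains and search engines allowed, and search click-throughs allowed only when a reputation lookup does not flag them. The domain names, the `via_search` flag and the local reputation set (standing in for a service such as Safe Browsing) are assumptions made for illustration.

```python
"""Added example: default-deny ("whitelist-augmented") web access decision."""
from urllib.parse import urlsplit

# Constructed sample policy data (assumptions, not from the original post).
TRUSTED_DOMAINS = {"example.com", "intranet.example.org"}
SEARCH_ENGINES = {"search.example.net"}
# Stand-in for a reputation feed; a real deployment would query a service
# such as Safe Browsing instead of a local set.
KNOWN_BAD_HOSTS = {"malware.example.test"}


def normalize_host(url):
    """Return the lower-cased hostname of an http(s) URL, or None if unusable."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:  # e.g. malformed IPv6 literal
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    # .hostname excludes userinfo and port, so "trusted.tld@other.tld"
    # is evaluated as "other.tld". A trailing root dot is stripped.
    return host.rstrip(".").lower()


def in_domain_set(host, domains):
    """True if host is a listed domain or a subdomain of one.

    The match is made on a label boundary ("." + domain), so
    "notexample.com" does not match "example.com".
    """
    return any(host == d or host.endswith("." + d) for d in domains)


def decide(url, via_search=False):
    """Return (action, reason) for a requested URL.

    via_search is a hypothetical signal supplied by the proxy meaning the
    request is a click-through from an allowed search engine's result page.
    """
    host = normalize_host(url)
    if host is None:
        return ("deny", "unsupported or unparseable URL")
    if in_domain_set(host, TRUSTED_DOMAINS):
        return ("allow", "trusted")
    if in_domain_set(host, SEARCH_ENGINES):
        return ("allow", "search engine")
    if via_search:
        # The "augmented" part: unlisted sites are reachable from search
        # results, but only if the reputation lookup does not flag them.
        if in_domain_set(host, KNOWN_BAD_HOSTS):
            return ("deny", "flagged by reputation lookup")
        return ("allow", "search click-through, reputation clean")
    # Everything else falls through to the whitelist's default.
    return ("deny", "not on whitelist")


if __name__ == "__main__":
    samples = [  # constructed requests
        ("https://www.example.com/login", False),
        ("https://notexample.com/", False),
        ("https://example.com@malware.example.test/", False),
        ("https://news.example.test/story", True),
        ("https://malware.example.test/download", True),
        ("ftp://example.com/file", False),
    ]
    for url, via_search in samples:
        print(url, via_search, decide(url, via_search))
```

The label-boundary match and the use of the parsed hostname are what keep look-alike names and `user@host` URLs from slipping through a naive string comparison against the whitelist.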

2012 Security Predictions from Damballa

Thursday’s Tangled Web posting comes from Gunter Ollmann, Damballa’s vice president of research and one of the foremost experts on the IT security industry. Ollmann shares his 2012 security predictions through Damballa’s popular blog The Day Before Zero.
 

Gunter Ollmann, VP of research at Damballa

As the weeks remaining in 2011 dwindle and 2012 peeks out from behind the last page of the calendar, it must once again be that time of year for purposeful reflection and prediction. Or is that navel gazing and star gazing?

The year still has a couple of weeks to rock on before we can comprehensively summarize the events and trends of 2011. I’m sure there will be a bunch of annual threat reports preempting the end of year – extrapolating trends etc. in order to get the jump on reports that use real data. At the highest level of navel gazing you could probably sum up 2011 with one word – “More.” The bad guys got richer, more successful, invented a few new attack vectors, and generally grew in numbers; meanwhile the good guys got more efficient at causing the bad guys pain, but continued to be outspent by the bad guys.

But let’s put that aside for now. What does 2012 hold in store for us?

It’s easy enough to predict the future when you’re merely commenting upon the trends of past years and projecting “more” of the same. While I can offer no shortage of meaningful predictions for 2012 across a broad range of threat and security categories, I thought it would be fun to pick three topics that stole much of the limelight of 2011 – APTs, mobile malware and botnet takedowns.

So, without further ado, here are a handful of predictions for 2012.

APT Bonanza

The volume of persistent attacks directed at large corporations will continue to increase and the victims will continue to feel as though they have been specifically targeted. There will thus be a presumption of sophistication to successful penetrations, which will lead to more organizations concluding that they have been the victim of an APT – which, after more detailed analysis and external input, will increasingly be revealed as false claims.

•    More attacks will be labeled as APTs due to misunderstanding by the victims, or because of an implied “get out of jail” tactic when public disclosure of the breach is mandated by law.

•    External analysts and security firms will dedicate more time and resources to analyzing breaches that are disclosed as “APTs”, and will be more vocal in correcting false claims.

•    A growing unease will be attributed to the “cry wolf” mentality of labeling breaches as APTs throughout the year.

•    Real APT attacks will increasingly be lost in the noise of falsely-claimed APTs, and the sophisticated attackers will be able to further obfuscate the intent of their attacks.

Mobile Malware threats will continue to be misunderstood

Mobile malware will divide into two streams – Smartphone malware and tablet crimeware. Both mobile malware streams will be similarly unimpressive from a threat sophistication perspective, however their criminal intent will direct their evolutionary changes. Tablet crimeware will develop at a faster pace than Smartphone malware in 2012 as the opportunities to defraud potential victims on tablet systems grow quicker.

•    The hype around mobile malware will continue to exceed the threat and the cybercriminals’ capabilities in 2012 – but the cybercriminals and security researchers will strive to meet that hype.

•    As mobile systems become more usable for day-to-day financial transactions and online stores tune their shopping portals for larger-screened mobile devices, cybercriminals will increasingly target these platforms. This crimeware (and injection vectors) will be more “traditional” and a closer facsimile of current generation PC-based crimeware capabilities than many have projected in the past.

•    Smartphones, long seen as “the” mobile threat vector and with the longest history of malware abuse (e.g. Symbian-based malware and premium-rate fraud), will technically be susceptible to the same malware as that affecting tablet systems – but will not be the primary target of attack.

•    Cybercriminals that develop malware specifically for Smartphones will increasingly target the devices for propagation purposes – seeking to infect other (traditional) corporate systems and to breach corporate VPNs.

•    In the corporate realm, the Bring-Your-Own-Device (BYOD) consumerization of IT will entice cybercriminals that target enterprise networks to innovate new attack and propagation vectors. Throughout 2012 new vectors will be theorized and may be developed as proof-of-concept tools, but the hype will be bigger than reality because there are technical hurdles within the operating systems of the mobile devices that have yet to be overcome.

•    Security conferences of a Black Hat ilk throughout 2012 will uncover and illustrate new vectors that subvert the underlying mobile device operating systems that will be leveraged in the 2013 timeframe for the targeted propagation of crimeware via BYOD.

•    The traditional invasive and “scary” mobile malware capabilities (e.g. eavesdropping on the victims’ calls, tracking the device owner, etc.) will not advance in 2012 and will continue to be potential capabilities rather than primary objectives for attackers.

•    The first generation of commercial “DIY” mobile crimeware construction and attack tools will be developed and sold by enterprising cybercriminals.

•    Large scale botnets will not exist on the mobile platforms in 2012. There will be several “proof-of-concept” botnet implementations and theoretical attacks but, from an overall global threat perspective, they will be insignificant.

Botnet takedowns will be ineffective

Despite a number of public and media-hyped botnet takedowns in 2011, and the prospect of increased takedowns in 2012, the overall impact on cyber-criminal operations will decrease. In response to the 2011 takedowns, cybercriminals will change some of their management tactics, further distribute their command-and-control (C&C) infrastructure, and invest in improved and more diverse infection vector operations.

•    Professional criminals who build and monetize botnets will invest in more robust crimeware distribution technologies and services. The capability to infect 10,000+ computers per day will be more important than the marginal loss of 3-year old botnets with only a few hundred thousand infected devices.

•    Botnet C&C infrastructure will continue to become more agile – flitting between domain names, IP addresses and physical locations at an increasing pace. In 2011 this agility was measured in weeks; by the end of 2012 it will be measured in hours.

•    Botnet operators will add more layers between themselves and their victims. In 2011 cybercriminals increasingly adopted the use of commercial anonymous VPN services to connect to their C&C servers, and deployed C&C proxies between the botnet victims and the real C&C servers. In 2012 we can expect this trend to continue and there is a high probability that multiple layers of C&C proxies will be adopted to further protect the cybercriminals’ C&C investment.

•    Noisy botnets (i.e. Spam botnets and DDoS) will continue to be the focus of legal botnet takedowns. In response, cybercriminals will in most cases reduce the noise of their botnets and will also further segment their botnets to ensure that the entire botnet is not lost in a single takedown operation.

•    Botnet takedown attempts will become more “risky” as the takedown entities become more comfortable with the process. Risk will be introduced as the entities pursue remote clean-up and remediation of victim devices.

•    “Good guy” botnet remediation services will become a commercial reality in 2012. As multiple security vendors and academic institutions focus upon the botnet menace they will uncover more vulnerabilities lying within the heart of both the botnet malware and the C&C portal software. There will be growing pressure to exploit these vulnerabilities for the purpose of usurping control of the botnet from the cybercriminals’ hands and to issue appropriate shutdown and uninstall commands directly from the compromised C&C servers.

I wonder how many of these predictions will come to fruition? I guess we’ll find out in 380 days.

Tags: 2012 security predictions, botnets, crimeware, Damballa, it security, malware

Posted by Bill Keeler on December 14, 2011 at 3:02 PM

Mobile Messaging Security Issues Forecast For 2012

Up next in our security predictions series is San Francisco-based Cloudmark. CTO Jamie de Guerre outlines the mobile messaging security threats that are on the horizon for 2012. 

Jamie de Guerre, Chief Technology Officer, Cloudmark

Navigating the mobile threat landscape in 2011 was no easy task as cyber criminals launched increasingly sophisticated attacks, including targeted financial fraud and SMS spam, on U.S. wireless consumers at a rapidly growing rate. As we look ahead to 2012, the following trends are worth watching:

1. Personal devices in the workplace will introduce security and risk management challenges
The further consumerization of IT will force companies to implement security policies that may not be fully vetted. Users in the workplace will continue to request personal devices to be leveraged in the workplace in lieu of company-sponsored devices (i.e. iPad and personal mobile phones) with expectations that IT should support them. This will present IT departments with policy and security challenges as well as risks associated with them.

2. The first big mobile attack penalty will be levied.
We saw the first major email attacks and ensuing court cases in the mid-1990s. Mobile operators are fortifying their messaging infrastructure with security measures to address attacks and fraud. As a result, we’ll see the first major court action taken against illegal mobile activity next year.

3. Over-the-top (OTT) messaging will see its first messaging threats.
As the number of mobile users utilizing over-the-top messaging services increases, scammers will consider these trusted communities a target-rich environment and the number of targeted attacks on this channel will rise considerably.

4. Mobile subscribers will insist that their operators make mobile security a top priority.
With the ubiquity of mobile devices and their prevalence in our daily lives, mobile users will require service providers to ensure secure communications.

Subscribers will be willing to participate in keeping their devices free from fraud and spam and will expect a means by which to report this unsanctioned activity, similar to how email spam can easily be reported to service providers today.

 

Tags: 2012, Cloudmark, forecasts, it security, mobile, predictions, security

Posted by Bill Keeler on December 13, 2011 at 4:20 PM

Security Threats of 2012: Consumerization of IT

The next in our series of prediction posts comes from Addison, Texas. Read on to see what Credant Technologies CEO & Founder Bob Heard has to say about IT security trends in 2012.

Bob Heard, CEO and Founder of Credant Technologies

It is an undeniable reality, today, that we live, work and play in a data-centric world. And the demand for access to data – anytime, anywhere and on any type of computer or device – has increased significantly and it will continue to increase significantly. Adding to this reality, though, is the trend of consumerization of IT – also known somewhat as BYOD or “Bring Your Own Device” – as it has been described.

People are bringing every conceivable type of device. Probably like you, I use a laptop, a tablet, a smartphone – and I am typically carrying anywhere from two to six USB drives at any point in time. And I use these drives in a homogenous fashion – they are all interdependent with one another. But what I think is more important than the quantity and types of different devices is the data itself – and the fact that this data is in high demand. By fulfilling this demand, we are able to transform data into information, and information into intelligence. If utilized properly, this presents the opportunity to significantly improve workforce productivity and overall business performance.

Forrester has predicted that up to 60 percent or more of our workforce will be working outside the office in a mobile environment this year. IDC predicts that on a worldwide basis, over 1.2 billion people will be working outside of the office by 2013. Your business – like mine – is probably embracing these trends: encouraging employees to take advantage of mobility and access to data from a wireless device to increase productivity while also potentially reducing our cost.

But while BYOD might increase productivity and reduce cost, it could also potentially be every IT security team’s worst nightmare – to manage all of this. I think that as security professionals we need to face the fact that it’s happening, and evolve our thinking and strategy for how we protect data on these types of devices.

 

Tags: 2012, Bob Heard, consumerization, Credant, it security, security

Posted by Bill Keeler on at 11:22 AM

2012 IT Security Trend Predictions from AppRiver

The next in our series of 2012 predictions posts comes from beautiful Gulf Breeze, Florida. Read on to see what AppRiver Senior Security Analyst Fred Touchette has to say about IT security trends in the New Year.

Courtesy of Fred Touchette, AppRiver senior security analyst:

Analyzing malware, cybercriminal activity and the Dark Market for a living can certainly make one a bit jaded, and perhaps a little suspicious of anything and everything digital. I am no exception to this rule.

The past decade has seen both the birth and the rapid growth of computer viruses, which ultimately formed an industry much like that of the legitimate business world.  The Dark Market has its fair share of large organizations and self-starters, with the common goal to make money.  Or, perhaps I should say take money. 

Throughout the years, cybercriminals’ techniques have ranged from emails designed to phish personal information off of victims to highly technical programs that hide from their targets and siphon critical data without anyone being the wiser. I certainly don’t mean to scare people or hold up the “Abandon Hope All Ye Who Enter Here” sign, more so, I want everyone to be aware of the threats that are out there, what the bad guys are planning, and how to remain safe from digital threats. With a bit of vigilance and a dash of common sense, you can avoid becoming the next victim.

Here are a few things to watch out for in 2012.

•    2012 Prediction #1 - Mobile Malware
Flip phones and other minimal-use phones are going the way of the dinosaur slowly but surely, and Smartphones are taking their place. In addition to the Smartphone, we’re also seeing tablet devices dotting the mobile landscape. Everything that a person once needed a computer to do can now easily be done on a mobile device. Whether it’s surfing the Web, social networking, gaming, or email, mobile malware has a growing number of possible infection vectors that will most certainly make their way out of the “Proof of Concept” realm and more into the mainstream. Platform specific malicious texts have already started making the rounds, as have malicious Apps within various App markets.

Mobile malware will continue to rise with increased threats targeting functionalities, such as exploiting browser vulnerabilities of those who are surfing the Web, sending malicious links within emails, and continuing to exploit vulnerabilities vis-a-vis old tried and true methods. The more tablet devices that steer owners into making streamlined purchases through company-specific stores, such as iTunes or Amazon, the more likely it will become full of account numbers and private data.  The type of information Black Hats are specifically after.  

•    2012 Prediction #2 – More Social Engineering
No amount of equipment, gear, or money can stand in the way of what will likely remain the weakest component of any and all security systems – the human factor. Humans are notoriously trusting and maintain an underlying desire to help others in need.  And, that’s why we remain easy targets.

Thankfully, the population at large is beginning to understand digital scams for what they are and have become wiser for it.  Unfortunately, this level of general understanding has created stronger demand for more sophisticated threats.  Custom crafted and multi-vectored social engineering attacks will continue to evolve and wreak havoc on victims, and certainly won’t be limited to botnet-borne, mass-mailed password phishers.

•    2012 Prediction #3 – Social Networking Scams
A few years ago, the social network was a niche offering for technophiles. Today, nearly everyone has a Facebook account, if not several social networking accounts hosted on different sites. Since people and their money are established targets, cybercriminals will continue to go where the people are.  Facebook and Twitter will remain popular sites to host malware campaigns posing as messages from “friends”. The ability of shortened URL services to make the final destination of these links unclear will also aid in the effectiveness of malicious campaigns.

•    2012 Prediction #4 – Targeted Malware
Everyone is likely familiar with the infamous Stuxnet Worm, which originated from a very complex piece of code designed specifically to get onto the air-gapped network of Iran’s nuclear enrichment facility, seek out certain pieces of equipment and alter its processes ever so slightly in order to botch Uranium enrichment processes. Fewer people may be aware of Stuxnet’s cousin, Duqu, which shared code with Stuxnet and masqueraded as a Microsoft Word document targeting roughly eight different countries in the same area of the world. These incredibly complex pieces of malware made their way to specific targets with incredible swiftness and accuracy. There’s no doubt that this type of attack, whether it be government sponsored or otherwise, will remain at least as prevalent if not more so in 2012.

•    2012 Prediction #5 – Hacktivism
Groups such as Anonymous and LulzSec gained a lot of notoriety in 2011. Because of the highly publicized events from these two groups, we are sure to see copycat groups attempt similar acts. Whether they claim to be in the interest of the people, cause mischief, or a confused blend of both, major corporations or entities will likely be targeted. SQL injection has often been the technique of choice for data theft or Web defacements made in the name of hacktivism. It will be important for companies to fortify their databases and Web applications in order to better protect customers and clients.

In Closing
Cybercrime, unfortunately, is not going anywhere since we increasingly rely on technological advancements for convenience and entertainment.  I dread the day when my toaster routinely checks for updates on the Internet and accidentally pulls down a virus that’s programmed to burn my toast every morning.  Or the day when the morning news displayed on my bathroom mirror is replaced with some sort of quasi-political message due to cyber shenanigans. The best thing we can all do is to watch our steps, keep our software up to date, use layered security, and keep it safe out there!

Tags: 2012 IT security trends, AppRiver, Fred Touchette, IT security

Posted by Tiffany Darmetko on December 9, 2011 at 10:26 AM

The Future of Security: Top Five Predictions for 2012

By Adam Powers, chief technology officer, Lancope

Organizations witnessed an explosion of high-profile breaches and cyber attacks in 2011 – including the highly publicized WikiLeaks breach and Anonymous and LulzSec attacks. This steady stream of directed attacks will continue, if not increase, in 2012.

Here are Lancope’s top five security predictions for 2012: 

  1. Advanced persistent threats (APTs) will become more predominant - The explosion of APTs, also known as targeted attacks, against high-profile companies and government agencies in 2011 will become even more predominant in 2012. Organizations that come under fire from APTs will be at heightened risk, suffering tremendous credibility and financial loss.
  2. Insider threats will grow - Insider threats backed by malicious intent, and the risks associated with insider breaches, will grow in 2012. Because they occur within the network and by privileged users, such as employees, contractors or partners, organizations will have a hard time battling insider threats with traditional security measures that detect attacks from the outside.
  3. Industrialized attacks will remain stable - Industrialized attacks have been around for several years now, but they no longer represent the peak of sophistication in the world of cyber threats. They will, however, continue to be a viable concern in 2012 due to their profitability. In 2012, industrialized attackers will focus efforts on “soft targets,” or organizations without tight security.
  4. Employee misuse and abuse will create steady risk - Employee misuse and abuse is a problem that is not going away anytime soon, as employees are increasingly seeking ways to use their personal devices and other computing conveniences in the workplace. For the most part, employee misuse and abuse incidents won’t be backed by malicious intent. They can, however, open the corporate network up to attack, so they should be considered a fairly high risk in 2012.
  5. Fully automated attacks will trend down - “Drive-by” automated attacks, or traditional viruses and worms, have been trending down in recent years, and they will continue to do so in 2012. The primary concern with automated, indiscriminate attacks will continue to be business downtime and loss of worker productivity.

If 2011 taught us anything, it’s that the targeted, highly motivated attacker is real. While APTs will remain highest on our radar, it doesn’t mean that other types of attacks will be going away. With the exception of fully automated attacks, which are likely to continue dropping off in 2012, the other attack types above will also steadily proliferate moving forward.

Today’s threat landscape requires a new level of thinking and preparation when it comes to security. Organizations can no longer just buy various tools to protect against the different mechanisms of launching attacks. Instead, we must think about the various forms of attack in terms of the motivation behind them to determine how best to protect our assets. 

Tags: 2012 trends, Adam Powers, cyber attacks, IT security, Lancope, security trends

Posted by Bill Keeler on at 9:16 AM

2012 Security Predictions

By Torsten George, vice president of worldwide marketing, Agiliance

Prediction: New government mandates around cyber security will require businesses to reveal security breaches for full compliance, in turn sending them into a tailspin as they must find new ways to manage data around and report these attacks.

2011 showed record numbers of cyber security attacks and associated breaches with very public disclosures from Citigroup, the International Monetary Fund, RSA (The Security Division of EMC), Lockheed Martin, Google, Sony, ADP and NASDAQ, amongst the many. Government networks, critical infrastructure operators and the private sector are facing an increasing frequency and sophistication of cyber attacks and breaches of information security -- often with discovery after the fact.

As a result, the U.S. House of Representatives’ Intelligence Panel  recently approved a bill to let U.S. spy agencies share intelligence on cyber threats with defense contractors and Internet service providers and the SEC issued a memo suggesting that corporations disclose all cyber attacks, showing that continuous compliance and allocation of resources in accordance with risk posture will be even more important for many federal-regulated organizations.

But the true question is – will these guidelines be helpful or harmful in the long-term?

I believe that these actions represent much-needed progress in the fight against cyber criminals. It is a common understanding among security professionals that collaboration among the good guys to outmaneuver the bad guys is a preemptive measure that has great potential to reduce the frequency and scope of hackers’ attacks. While it will be interesting to see how the cyber security bill will enhance the risk posture of government agencies, defense contractors and Internet service providers, the overarching question is whether the bill is wide reaching enough. Sharing sensitive threat information becomes essential in preventing widespread attacks across different verticals and industries.

At the end of the day, we have to understand that cyber criminals are coordinating their efforts and are well-versed in sharing vulnerabilities and attack methodologies. To counter them, government and private industry have to work hand-in-hand to quickly disseminate information about threats. What collaboration can produce has been showcased by the strengthening and unifying of all government agencies to overcome the breakdown of intelligence data exchange after the September 11th attacks. Improvements in network consolidation, intelligence integration and cross-departmental training can be contributed to the detection and subsequent killing of al-Qaeda leader and founder Osama bin Laden.

Collaboration isn’t easy. Often, movement can only be achieved by way of mandatory obligation. Although this cyber security bill and SEC memo are a move in the right direction, a broadening of the group that information will be shared with and regulations that mandate prioritizing security in the overall picture will really move the needle. As companies shift their outlook to risk-based security in order to achieve full compliance, the result will be a safer, more secure network infrastructure.

Tags: 2011, 2012, Agiliance, cyber security, IT security, security predictions, Torsten George

Posted by Bill Keeler on December 8, 2011 at 2:18 PM

What Are The Best IT Minds Talking About?

Hello Tangled Web Followers,


The Schwartz MSL Security Practice has one of the deepest lineups of IT security experts in the world. Throughout the rest of December and leading up to the New Year, Tangled Web will be a great spot to stop for IT security insights, thoughts and 2012 predictions. We hope you enjoy their commentary.


First up: ESET Security Researcher Cameron Camp on “2011: a year of hacks, breaches and cyber-scares.”



Since starting as a security researcher, I’ve been amazed how there are continually unpredictable twists in the cyber security road, making it daunting for organizations to analyze, adapt and respond (or do PR damage control), aggravated by the increasingly instantaneous response times expected by customers. 2011 was no different. This year we saw several concepts move into the mainstream, including pervasive mobile/tablet communication as it moved closer to the epicenter of personal/business communication. We also saw “hacktivism” striding on to the security stage and demanding – street protest style – to be heard. As if legislators didn’t have enough to do, it also became fashionable to breach large organizations in rather public fashion, leading consumers to doubt fundamental assumptions about the reliability of the Internet in general, and specifically whether their personal information was really safe in the hands of the security professionals claiming to protect it. In short, it was a year of turmoil and change, like normal.


Where are we headed next year? Here are a few trends we’ve noted and predictions we expect to take center stage in 2012. We expect it to be a wild ride security-wise, not just owing to the predictions of certain catastrophe by followers of the ancient Mayan calendar, but by the pervasive role data – especially personal information – will start to take, and how scammers will lust after the newly pervasive targets.


1.    IT policies will be required to accept more types of access points for corporate communication, to include mobile handheld devices, tablets, and other communication-enabled devices like embedded automotive applications, and others.


2.    Significant focus on improving Java security patch/updates on non-traditional corporate networked devices. With Oracle estimating greater than 3 billion devices running Java, everything from videoconferencing equipment to networked door locking devices, many device patch updates lag far after the wide availability of patches, creating an opportunity for scammers. Many of these devices fall outside traditional patch cycles and methods, and may be overlooked, but still may represent an attack surface, or entry point for spear-phishing efforts.


3.    A shift in users’ perception of communication in general from “I go to a place and then communicate” to “I communicate from devices on or around me always.” So communication, even corporate communication, will be expected to be always-on, always present with a person, not just at the office. Security discussions will then need to shift focus from securing a single monolithic organization to security surrounding a person, as how a person acts may increasingly have direct, near real-time impact on their organization. Crafting corporate damage-control messaging resulting from data sprawl after a less-than-flattering action by a member will become increasingly prevalent, and potentially embarrassing. And once the action hits the interwebs, it will persist.

Tags: 2011, 2012, ESET, forecasts, IT security, predictions, security

Posted by Bill Keeler on December 7, 2011 at 10:50 AM