Sydor Instruments partners with SABRE Ballistics t... » ROCHESTER, N.Y.: Sydor Instruments has has entered into an agreement with SABRE Ballistics to serve ... Interconnective to deliver smart two way radio IP ... » Interconnective Security Products (ISP) announced that it has entered into an agreement with the awa... Security B-Sides London announces its galaxy of sp... » Security B-Sides London, the event driven by the information security community, has confirmed its l... Russian Kubinka Tank Museum to restore Maus Super-... » Company to assist the museum in building a unique collection of military warfare exhibits Wargaming... ISACA donates $20,000 to help UNESCO build knowled... » London, UK: As part of its new corporate social responsibility (CSR) program, ISACA, a global associ... Army couples needed for relationship study » Participants hold the key to improved relationships after deployment DENVER: Judy Davis is an acti... Global Association ISACA reaches 45 years and 115,... » London, UK: In 1969, the first message was sent between computers via ARPANET, the precursor o... Datum Datacentres announces fast growing cloud and... » FARNBOROUGH: Datum Datacentres has announced the official launch of the Datum Cloud Hub, the co-loca... ANIMATRONIC MANNEQUIN TO TEST PROTECTIVE EQUIPMENT » The Ministry of Defence has invested £1.1m in a new state-of-the-art robotic mannequin that will tes... Options upgrades low latency route between Cartere... » New York: Options has announced that it has upgraded the route between the firm’s data center facili...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

It’s the time of year again when IT security experts predict what they think the year might bring.

Oded Comay, CTO of ForeScout, predicts:

Prediction #1: Smartphones and Tablets become the Enterprises’ “Trojan Horse”

This existing trend of increasing mobile malware will continue through 2013. This is of course a problem for consumers, but it is more-and-more an enterprise issue because of the skyrocketing presence of mobile operating systems on enterprise networks.

In 2013, more malware than ever will enter the enterprises via employee owned smartphones and tablets. Companies that wish to defend themselves against this modern day “Trojan Horse” will need to deploy security technologies in two places: on the mobile devices themselves, and on their networks. Mobile device security products (antivirus etc.) are available from many traditional endpoint security vendors, and there are a variety of new mobile device management (MDM) vendors that can let you control the configuration of the mobile devices themselves. Next, you need to ensure that your network itself is protected from risky smartphones. This is an application for classic network access control (NAC). Prepare for boom and buzz in both the MDM and NAC markets in 2013.

Prediction #2: Targeted corporate sabotage will increase

On 15 August 2012, a piece of malware called “Shamoon” erased all files on more than 30,000 computers within the network of Saudi Arabia's state oil company, ARAMCO. It was a devastating attack against this company. The malware was targeted specifically for ARAMCO, and thus the major antivirus vendors (Symantec, etc.) had no signatures to detect or protect against this malware. Targeted attacks in the energy community are growing so quickly that cyber security has emerged as the principle security concern, topping physical security issues.*

As 2013 unfolds, we’ll see increasingly sophisticated corporate attacks spread by malware and created with corporate sabotage as its specific intent. We’ll also see growth in niche security solutions that defend against targeted attacks such as by looking specifically at network behaviour that is associated with propagation.

Prediction #3: BYOD Growth Drives Need for Increased BYOD Security

Jupiter Research recently predicted that the number of BYOD devices would double by 2014. BYOD itself is not a threat, but increasingly IT security managers shudder at the implications of large numbers of uncontrolled, unmanaged devices connecting to their enterprise networks. Not to mention the vulnerability inherent in your important corporate data walking out the door every day on a device that is easily stolen or misplaced. If your enterprise doesn’t have a security plan in place for BYOD, you are risking two major problems: 1) loss of data, 2) infection and attack by compromised endpoints and possibly compliance violations.

Enterprises looking to secure themselves against the BYOD trend need to consider deploying security technologies in two places: on the mobile devices themselves and on their networks. As the BYOD trend turns to BYOD ubiquity, we will see a growing need for BYOD security solutions.

* Roberts, John. "The Barrel Blog." The Barrel Blog. Platts a Division of The McGraw-Hill Companies, 27 Nov. 2012.

Steve Pao, Vice President of Product Management at Barracuda Networks, predicts:

Virtualization will continue to change how we think about networking. The changes brought on by virtualization that have already affected compute and storage will continue to move to the network. While the term “software defined networking” has become a buzzword of sorts, we are seeing many practical implications, including localizing security close the resources being protected. For example, over half of our SSL VPN unit volume is sold as virtual appliance today. In fact, we have virtualized most of our network-facing product line, including our next generation firewalls, Web application firewalls, server load balancers, spam filters and Web filters.

Growth in data will continue to change how we think about retention. In our personal lives, data growth has forced hard disks and the cloud to obsolete the old floppy disks, ZIP drives and CD-ROMs. Similarly, in our corporate similar trends are forcing obsolescence of tape backup and the transport of those tapes offsite. At Barracuda, our fastest growing product line has been Barracuda Backup combining disk-based backup featuring data deduplication with offsite replication to the cloud. We see this trend continuing.

The next generation firewall will become mainstream. At the enterprise level, many vendors (including Barracuda) have been evangelizing for next generation firewalls that can monitor and control policy across both users and real applications. This technology is will trickle down to midmarket buyers in 2012 and replace the heritage Unified Threat Management (UTM) products that simply combined disparate functions into a single box. Watch this space for more from us, too.

Businesses will have to get smart about social media usage in the workplace. A Barracuda Labs survey revealed that while 86% of respondents felt that employee behavior on social networks can impact company security, 75% of those respondents’ workplaces allowed Twitter usage and 69% of the respondents’ workplaces allowed Facebook usage. In 2013, Web security should continue its growth and many businesses will start to leverage social media archiving technologies as part of their e-Discovery and compliance initiatives.

Android and iOS will continue to impact business applications. Most of our customers appreciate that mobility and BYOD extend both the hours and productivity of their workforces with relatively little expense. However, taking advantage of mobile platforms requires the ability to access corporate networks, access stored data and browse the Internet safely. We, like other vendors, have mobility initiatives across our security and data protection product lines.

Cloud. Beyond the cloud hype, organizations will get very practical about how to use the cloud. 2013 will be the era of cloud systems management, extending the elastic compute cloud to security and enabling the efficient use of cloud applications (e.g., salesforce.com) from within very busy networks