Marcus Leary
2/7/2012
MIS
10 security trends to watch in 2012
Compared to 2011, 2012 will hopefully be a better year when it comes to internet protection. Ten different security trends were brought to people’s attention. The first is that breaches are inevitable, say businesses. Over the past few years many people at multiple businesses, especially CIOs, have acknowledged that getting hacked is a matter of when, not if. It is nearly inevitable that attacks will succeed because of the sheer volume of hacks that have happened. With the new mandate in place, it is not just about having really good defense, but also about having the right technology and practices to be able to detect a possible attack. The second is that cyber espionage continues. Hacking has always gone low and slow, and has thus been hard to detect. That technique has been effective because of the social engineering techniques the attackers use. The third is that mobile malware continues to increase. The phone platform most attacked by malware is the Android operating system. Compared to some of the other places to hack, though, phones are not the biggest thing to attack. Nevertheless, people are doing their best to save phones from being hacked. The fourth is that mobile devices get anti-theft protection. Businesses have tried to find ways to help their employees find their phones in case they lose them, and so far they have found a way to locate them electronically. The fifth is that the spear-phishing scourge continues. Businesses have trained their employees to open only files that are deemed important to their work. The sixth is that social engineering attacks hit social networks. Since so many people have signed onto social networks like Facebook and Twitter, it has become easier for hackers to try to get into other businesses’ sites. The seventh is that botnets keep infiltrating businesses. Many malware programs come in through Trojan horses made with toolkits. The malware aims to turn PCs into silent nodes that the attackers can use at their own discretion. The eighth is that breach notifications gain greater traction. Many countries, like Germany, have passed bills making it so that certain parts of the government help protect against hacking. Number nine is that critical infrastructure rhetoric keeps heating up. The only issue that some people see with having part of the government go through the internet to see if people are hacking is that about 95% of the internet is private, and some people don’t want that privacy invaded. The final trend is that code gets externally reviewed. Since the code in many businesses hasn’t been properly cleaned up, hackers would have an easier time breaking through that code and getting valuable information. That is why many businesses have their IT people properly clean up the code and fix any flaws that they find.
I find it interesting and for the most part agree that being hacked is much more of a "when" rather than an "if" nowadays. Even large corporations like Sony and Zappos are facing problems with hackers breaking into their systems and stealing valuable client information. I have a friend who works as a CTO (Chief Technology Officer, often identical in position to the Chief Information Officer) for a mid-sized company in New York City. He once told me that any system is vulnerable unless it has a "good guy" just as skilled and working just as hard as the "bad guy" is on the other side. In other words, companies with security experts who know exactly what they’re doing and work diligently at their jobs should be sufficient to stop hackers from breaking into their systems. It’s not impossible, however, that these systems get hacked regardless. The bigger the corporation the more important it is that they hire competent computer security experts.