While 2011 is coming to an end, security threats show no sign of slowing down. UK-based Information Security Forum (ISF) vice president of sales and marketing, Steve Durbin, shared his four security predictions for 2012.
Consumerisation of IT
The first trend he sees occurring is the rapid growth of the consumerisaiton of IT that has left the security function in the enterprise struggling to cope with managing and protecting data that is stored on company and personal equipment.
“That’s going to lead on to potential compliance failures and disclosure of business information,” Durbin said.
“Even though security organisations are aware of it, I think we are going to see some flare ups over the next 12 months where there are some embarrassments that are caused out there.”
Increased hacking incidents
Not surprisingly, Durbin said information losses will occur at both an enterprise and personal level from hacking attacks.
“The compromises we’ve been seeing over the last 12 months with Sony [Playstation Network] and a number of other organisations are going to continue,” he said.
“I don’t think some enterprises are taking these threats seriously because there is still so much scope for data to be stolen that we are going to see some big breaches and hacks coming that will impact business reputation and consumer trust.”
The rising costs that are associated with proving Cloud computing compliance and external attacks on the Cloud will increase, according to Durbin.
“While a number of organisations are now implementing strategies for Cloud computing security and compliance, we still have a way to go in certain areas, mainly because a lot of organisations still do not know where they have Cloud implemented across their business,” he said.
As people are moving to make much more use of technology such as smartphones and tablets, loss of equipment along with the potential distribution of malware will lead to an increased risk of business information loss and fraud.
Durbin added that all four of these problems could be addressed if companies increased user and security awareness.
“We’ve been trying to do that for a number of years now so there is opportunity for the security awareness program people to continue to do their work,” he said.