Security Predictions for 2013 Provided from Three Different Angles
Experts from GlobalSign, Solutionary and SpectorSoft share some insight
Since 2012 is almost over, many internauts are probably wondering what’s in stall for them next year. To answer this question, the representatives of four companies have come to our aid, each predicting the future of the cyber security scene from their own perspective.According to Nick Cavalancia, VP of SpectorSoft – a company that offers sophisticated employee monitoring software – the individual employees’ growing use of cloud applications, social networks and BYOD is likely converging to form the greatest threat, not only to security, but also to compliance.
“In 2012, we read a lot about SQL injection, phishing and other attack vectors that led to compromises, in 2013 breaches and privacy incidents driven by cloud applications, BYOD and social networks are going to start to take center stage. To a degree, we have already started to see this materialize in the Zynga and General Petreaus situations,” Cavalancia explained.
Ryan Hurst, CTO of GlobalSign – a company that provides identity verification and trust services – reveals that we’ll see “the renaissance of security in 2013.”
“To address the ever-evolving risks, organizations will need to continue investments into formal security assurance programs. Such programs allow customers to continuously review the deployment practices and the configuration of the systems they both use and develop,” says Hurst.
“This is especially true as we see broad movement to the rapid development model that Software as a Service enables. As a result, I believe organizations will be forced to refocus on how they accomplish their business goals securely on with the new realities we live with.”
Finally, some interesting predictions from Rob Kraus, director of research at Solutionary Security Engineering Research Team.
“In 2013, attacks against SCADA systems and cyber warfare between nations will escalate. Although these attacks will be targeted at specific organizations, we will see vectors, techniques and malicious code involved make its way into the hands of cybercriminals who target private enterprises and their customers,” Kraus revealed.
“To a degree, with Chevron’s recent admission that it found Stuxnet in its systems, this is already starting to happen.”
Jeff Hudson, CEO of Venafi, a provider of enterprise key and certificate management (EKCM) solutions, agrees that threats like Flame and Stuxnet should represent a major concern for enterprises.
“Many pundits, leading media outlets and even some security experts are reporting that enterprises needn't be overly concerned about Flame and Stuxnet-style malware attacks, citing the fact that they were executed by well-funded espionage intelligence groups whose target was hostile nation states and not businesses,” said Hudson.
“Unfortunately, the tools and techniques for executing these types of attacks are now in the hands of common criminals and rogue entities. In the coming year, these same types of attacks will be perpetrated against enterprise organizations, and are likely to result in significant and costly public breaches.”
Update. The article has been updated to include insight from Jeff Hudson.