Monday, January 30, 2006

Top 10 security predictions for 2006


As the importance of information security continues to rise, organisations around the globe are looking at revising their existing strategies to ensure that their information assets are optimally secured.

Gary Middleton, general manager of security solutions at Dimension Data, outlines ten predictions that will impact the information security landscape in 2006:

  1. Expect more damages, but fewer epidemics. Infection rates are likely to increase in 2006, and organisations can therefore no longer rely on the media or mass attacks to alert them to problems. The assumption that no news is good news will lead to a false sense of security.
  2. Attacks will move beyond Microsoft’s operating system. More applications and other infrastructure elements within organisations will be targeted, resulting in increased workloads to patch vulnerabilities.
  3. Spyware will remain a major issue. Organisations can expect more spyware infections, which will deplete bandwidth, drive up the number of helpdesk calls and ultimately affect employee productivity. There will be a greater need to invest in additional technology to combat spyware.
  4. Instant Messenger (IM) and Peer-to-Peer (P2P) will become a bigger headache. Widespread adoption and use of IM and P2P applications can expose organisations to new threats. Organisations need to be aware of, secure and manage these technologies.
  5. Messaging security will get serious. Two years ago, organisations invested in email security products that controlled spam. Today, the focus has shifted towards solutions that incorporate policy compliance and encryption capabilities – in addition to the ability to deal with viruses and spam.
  6. Boards will pay more attention to security. In line with the global trend of good governance practices, boards continue to pay greater attention to ensuring that their organisations’ information assets are protected from a growing number of internal and external threats.
  7. Wireless security will get more attention. As the end-user demand for mobility continues to grow, organisations need to ensure that their wireless access points are secured from unauthorised access.
  8. Patching will become selective. The number of patches that are released for operating systems, applications and other IT infrastructure elements continues to grow at an alarming rate. Implementing all patches is becoming too cumbersome and costly, and organisations will start to selectively patch their IT assets based on value and the particular threats that they face.
  9. The trend towards secure infrastructure will continue. As security becomes embedded in the infrastructure layer, we are witnessing the convergence of network, systems and security management as a single competence. As a result, customers will increasingly look at one provider to supply, support, manage and secure the end-to-end infrastructure.
  10. There will be a greater focus on end-point security. There is going to be a much greater focus on how insecure end-points, such as laptops, desktops and other devices, connect to the network.
