As we look toward 2010, the one thing we can be sure of is that there will be a lot more collaboration between end users and different companies thanks to the mainstream adoption of a variety of Web 2.0 technologies. And with that increased adoption we'll also see not only more sophisticated types of malware attacks in 2010, but more comprehensive ones as well.
Bradley Anstis, vice president of technology strategy for M86 Security, a provider of security software that just acquired Finjan, notes that when it comes to security, IT organizations would do just as well to pay as much attention to the data leaving the company as they do the packets coming in. That's because in the age of Web 2.0, more attacks have to do with pulling data out of the company than just trying to insert malware somewhere in the organization.
In particular, Anstis says IT organizations will need to pay attention to the following security issues in 2010:
Other things that Anspis says IT organizations need to keep an eye out for are poisoned search engine results that lead users to sites that have been optimized around a keyword in order to insert malware; more 'scareware' tactics that convinces users to download fake security software; exploitation of international domain names to create fake web sites; and more sharing of links to infected sites via link shortening service such as www.tinyurl.com.
No matter how you cut it, 2010 is already shaping up to be a tough year for security. As such, Anstis, whose predictions can be found here, says the smartest thing any IT organization can do is a full review of their security policies to find out not only where money is being spent needlessly, but also to reduce complexity because just like Web 2.0 integration, complexity is the enemy of security.